The Internet of Medical Things (IoMT)

Italy targeted by multiple adversaries, new APT operations, latest developments in cybercrime

 View all
Legitimate Sites used as Cobalt Strike C2s against Indian Government

Introduction Telsy Threat Intelligence team observed an attack against members of the Indian government or local institutions, which uses social engineering themes as an investigation for a cyber attack or...

 Read more
SimJacker, the SIM cards vulnerability

SimJacker is a SIM card vulnerability that allows cybercriminals to compromise any cell phone and spy on victims by simply sending an SMS text message.   What is SimJacker? The...

 Read more
The Web Shell

A Web Shell is a shell-like interface that enables a web server to be remotely accessed, often for the purposes of cyberattacks.   What is a Web Shell? A Web...

 Read more
CronRAT, the e-commerce malware

Experts have identified a new Linux RAT that was dubbed “CronRAT”. It stands out through its hiding place, as it can be found in different tasks which have a schedule-timeline...

 Read more
The BlackMatter ransomware

First seen in July 2021, BlackMatter is a Ransomware-as-a-Service (RaaS) tool that allows the ransomware‘s developers to profit from cybercriminal affiliates (i.e., BlackMatter actors) who deploy it against victims.  BlackMatter...

 Read more
Artificial intelligence and Cybersecurity between cyber defense and cyber attack

Abstract Artificial intelligence can be qualified as an ambivalent tool since it lends itself to being used both as a means to create cyber defense products and, unfortunately, as a...

 Read more
Double and triple extortion attacks

Initially, criminals exclusively used ransomware-related malware to restrict access to user data by encrypting files on individual or organizational devices.  In exchange for the decryption key, the victims had to...

 Read more
The Dharma ransomware

Dharma is a dangerous ransomware, identified as early as 2016, whose uniqueness lies entirely in its peculiar attack technique: the Dharma ransomware, in fact, is able to install itself on...

 Read more
Possible attack to Telco company in Middle East

Telsy Threat Intelligence team identified a possible Grunt Covenant multi-stage attack aimed at a major telecommunications company in Iran.   Introduction In this article, we will look at the different steps...

 Read more
The REvil ransomware

REvil (Ransomware Evil, also known as Sodinokibi) is a Russian-speaking private Ransomware-as-a-Service (RaaS) operation. After an attack, REvil would threaten to publish the information on their page (Happy Blog) unless...

 Read more