CTI Archivi - Telsy

Microsoft Exchange servers backdoored with OwlProxy

Introduction In early 2022, Telsy observed malicious cyber activity in the Microsoft Exchange infrastructure. The analysis conducted revealed the presence of a malicious DLL, called “fuscom.dll“, and its persistence by...

What is the Cyber Threat Intelligence?

11 Apr

In the nowadays cybersecurity paradigm, Cyber Threat Intelligence plays a leading role. Reactive malware detection tools, firewalls, and analysis through artificial intelligence are not enough: to ensure the security of...

Legitimate Sites used as Cobalt Strike C2s against Indian Government

04 Mar

Introduction Telsy Threat Intelligence team observed an attack against members of the Indian government or local institutions, which uses social engineering themes as an investigation for a cyber attack or...

SideCopy APT: from Windows to *nix

05 Jan

Telsy Threat Intelligence team has observed a spear-phishing campaign conducted by cyber-espionage group SideCopy against critical government entities in India. SideCopy APT: from Windows to *nix As previously published...

Phishing Campaign targeting citizens abroad using COVID-19 theme lures

22 Dec

Telsy Threat Intelligence team has identified a phishing campaign that appears to be targeting citizens abroad by exploiting the COVID-19 theme associated with a potential embassy lockdown status. Introduction...

NOBELIUM again or eCrime operation?

07 Dec

Telsy Threat Intelligence team identified a phishing campaign that seems to target multiple victims based in the United States, Great Britain, and Europe. The campaign appears to have been active since...

Possible attack to Telco company in Middle East

24 Nov

Telsy Threat Intelligence team identified a possible Grunt Covenant multi-stage attack aimed at a major telecommunications company in Iran. Introduction In this article, we will look at the different steps...