Securonix Threat Research Archives

Securonix Threat Research: KRONOS/Osiris Banking Trojan Attack

The KRONOS malware was first discovered in June 2014 as a Banker Trojan available for purchase in a Russian underground forum for $7,000. After staying dormant for few years, a new variant of KRONOS, known as Osiris, was discovered in...

Securonix-Threat-Research-Cosmos-Bank-Report_Page_01

Securonix Threat Research: Cosmos Bank SWIFT/ATM US$13.5 Million Cyber Attack Detection Using Security Analytics

The Securonix Threat Research team recently learned of a new high-profile cyber attack targeting SWIFT/ATM infrastructure of Cosmos Bank (COSDINBB), a 112-year old cooperative bank in India and the second largest in the country, resulting in over US$13.5 million stolen.

Securonix Threat Research: GandCrab Ransomware Attack

The GandCrab ransomware attacks are some of the most prevalent ransomware threats of 2018. In recent months, the GandCrab attackers were able to infect more than 50,000 victims and generate more than $600,000 in ransom payments from victims. Securonix Threat...

Securonix Threat Research: Cryptojacking Attacks

Cryptojacking is the unauthorized use of someone else’s computer to secretly mine cryptocurrency (also known as virtual or digital currency). According to a recent report from Fortinet, Cryptojacking attacks impacted over 28 percent of companies this year, a spike representing...

Securonix Threat Research: SamSam Ransomware Detection Using Security Analytics

SamSam is a prevalent ransomware that has been observed across multiple industries including healthcare, government, and critical infrastructure/ industrial control systems (ICS) in 2016, 2017, and 2018. In March, the ransomware targeted five of the Atlanta’s thirteen local government departments...

Securonix Threat Research: Olympic Destroyer aka NotPetya v2 “False Flag” Cyber Sabotage Attack Detection Using Security Analytics

Last month, we learned of a new cyber attack against the 2018 Winter Olympic Games in South Korea. Securonix Threat Research Team has been actively investigating and monitoring this attack since the attack was reported to help our customers understand...

Securonix Threat Research: Spectre and Meltdown Vulnerabilities

Securonix Threat Research Team (STR) has been actively investigating the details of the Spectre and Meltdown Side-Channel Information Disclosure Vulnerabilities since last week to help our customers mitigate/respond to the vulnerabilities.

Securonix Threat Research: Uber Hack: Software Code Repository/VCS Leaked Credential Usage Detection

Just about a week ago we learned of a new cyber attack, this time involving Uber–the leading ride-sharing app and company. Uber disclosed that it paid hackers $100,000 so that they would delete sensitive data stolen from Uber data stores....

Securonix Threat Research: Detecting Bad Rabbit Cyber Attack Using Security Analytics

On October 24, 2017, we learned of a new cyber attack involving the Bad Rabbit ransomware malicious implant (MI)/threat instance. Securonix Threat Research Team has been actively investigating and closely monitoring this attack since the attack was launched to help...

Securonix Threat Research: Equifax Cyber Security Data Breach Exposes 145.5 Million Personal Records

On September 7, 2017, we learned of a massive cyber attack/data breach targeting Equifax. Securonix Threat Research Team has been actively investigating the details of the attack to help our customers detect/mitigate/respond to such attacks. Here is a summary of...

Securonix Threat Research: Carbanak/FIN7/Anunak Reappears, Causes Losses

In August 2017, we learned of new attacks by a persistent malicious cyber threat actor known by the name of Carbanak aka FIN7 [1]. The most recent attack variants have been targeting mainly chain restaurants, hospitality, and casino industry in...

Securonix Threat Research: New Ransomware PetrWrap/GoldenEye/Nyetya Sweeping Across The Globe

On June 27, 2017, The Securonix Threat Research team learned of a new large-scale ransomware cyber attack involving the PetrWrap aka GoldenEye aka Nyetya malicious implant (MI) instance. We have been actively investigating and closely monitoring this high-profile attack since...

Securonix Threat Research