Winter Vivern Cyberespionage Campaign Targeting Global Telecommunication and Government Organizations

On March 16, 2023, SentinelLabs researchers reported the technical details of a cyberespionage campaign against government and telecommunications companies in multiple enterprises, which they attribute to the Winter Vivern threat group. Context: SentinelLabs researchers assess that current Winter Vivern activities align closely with Belarusian and Russian government interests. The SentinelLabs report is based on recent…

Understanding the Business Impact of Bots

Digital transformation efforts continue to accelerate and are pivotal for industries to sustain business and ensure growth. The major challenge is securing applications against malicious bots. Marshalling the resources to achieve this requires explaining the quantitative and qualitative impacts bots have on your business in terms your board and C-Suite will understand. As a business…

Social Engineering Scams Targeting Fashion and Brand Influencers Increasing in Prevalence and Sophistication

Context: During the second half of 2022, multiple RH-ISAC member analysts reported observing increases in fraud and phishing activity targeting popular social media figures and user-generated content (UGC) creators (i.e. “influencers”) leveraging member brand names as part of the scams. The fraud activity spikes observed in the past few months have been both prolific and…

RH-ISAC Publishes Threat Actor Profile Catalog

The RH-ISAC intelligence team is publishing a catalog of the most prominent and prolific threat groups targeting our community as a resource for analysts. The catalog will be available via the RH-ISAC MISP instance and will include useful data on threat groups, including: known aliases; background information and a brief history; prominent open-source incidents attributed…

New “Stealc” Malware Builds on Prevalent Infostealers

On February 20, 2023, researchers with Sekoia.io reported the technical details of a new infostealer malware advertised for sale as “Stealc” by developers on dark web criminal forums. Context: According to the report, “The threat actor presents Stealc as a fully featured and ready-to-use stealer, whose development relied on Vidar, Raccoon, Mars and Redline stealers.”…
