SysJoker Malware Threat Alert
SysJoker Threat Alert: zvelo protects clients against SysJoker, a cross-platform backdoor malware attack targeting Linux, Mac, and Windows.
Indicators of compromise (IOCs) are the pieces of evidence collected from a host system (e.g. laptops, servers, mobile phones), applications (e.g. databases), cloud-based capabilities or network when suspicious or malicious activities have been identified.
zvelo’s curated cyber threat intelligence data delivers rich metadata for highly contextualized IOCs and threat signals which can be easily integrated into existing security tools and platforms (including SIEM, SOAR, EDR, MDR, XDR, etc.), for deeper analysis and enrichment by cyber defenders and threat analysts.
Common IOCs (listed in order from the easiest to assess to the most difficult) include file hashes, IP addresses, domain names, network/host artifacts, tools, and tactics, techniques, and procedures (TTPs). zvelo details how its threat detection feeds map to each of these IOCs within the Pyramid of Pain — a model cyber defenders use for Incident Response (IR) and threat hunting.
Emotet’s Return Foreshadows Surge in Ransomware
After a ten-month hiatus Emotet returns with multiple spam campaigns delivering malicious documents, foreshadowing a surge in ransomware.
Threat Alert: Log4j Vulnerability Update
Threat Update: The Log4j vulnerability continues to be actively exploited. Immediate action to update and monitor potentially impacted systems is advised.
Threat Alert: Log4j Used to Exploit Exposed Systems
Threat Alert: The Log4j vulnerability has quickly been weaponized and is being used to exploit exposed systems. Here’s what you should know.
The Value of Curated Cyber Threat Intelligence
Understanding how malicious and phishing threat data gets curated is crucial to assessing the value of curated cyber threat intelligence.
Webinar: 2021 Malicious Trends
This webinar details threat data from the CTI 2021 Malicious Trends Report to help you improve your threat posture and reduce cyber risk.
Mapping zveloCTI to the Pyramid of Pain
See how zveloCTI aligns with the Pyramid of Pain IOCs to help assess the level of difficulty for tracking down an MCA within your environment.
zvelo Releases Malicious Detailed Detection Feed™
zvelo Releases Malicious Detailed Detection Feed with Rich Metadata and IOCs for Blocking and Threat Research on Malicious URLs and Files.
Anatomy of a Phishing Attack
zvelo takes you behind the scenes of a phishing attack to show you the TTPs attackers use to gain network access and establish persistence. There is far more than meets the eye.
Excel 4.0 Macros: Another Old School Attack Method
Weaponizing Excel 4.0 Macros (XLM) is an easy, reliable method attackers use to gain entry into a target network and establish persistence.