Espionage cluster Paper Werewolf engages in destructive behavior
The adversaries employ PowerShell and their own crafted malware to penetrate the infrastructures of Russian organizations
Dec 25, 2024

Venture Wolf attempts to disrupt Russian businesses with MetaStealer
BI.ZONE Threat Intelligence has discovered a previously unknown cluster whose activity can be traced back to November 2023. Dubbed Venture…
Nov 5, 2024

Exploring CVE-2024-38227 vulnerability in Microsoft SharePoint
On September 10, Microsoft released another batch of updates addressing 79 vulnerabilities in its products. Among the patches that caught…
Oct 25, 2024

Core Werewolf hones its arsenal against Russia’s government organizations
Adversaries experiment with new tools and malware delivery methods.
Oct 10, 2024

Wreaking havoc in cyberspace: threat actors experiment with pentest tools
New research by BI.ZONE Threat Intelligence reveals how adversaries attempt to bypass cybersecurity systems.
Oct 8, 2024

Zooming in on CVE-2024-7965
On August 21, Google released an update for Chrome, fixing a total of 37 security flaws. Researchers across the globe paid their attention
Sep 23, 2024

Breaking down CVE-2024-38063: remote exploitation of the Windows kernel
We have examined the Windows TCP/IP network stack flaw that could grant adversaries remote access with maximum privileges. Exploiting…
Sep 3, 2024

Stone Wolf employs Meduza Stealer to hack Russian companies
A new cluster of activity abuses a legitimate brand to spearphish for credentials and system data
Sep 2, 2024

Bloody Wolf strikes organizations in Kazakhstan with STRRAT commercial malware
Since late 2023, BI.ZONE Threat Intelligence experts have been tracking the activity of Bloody Wolf. The cluster attacks organizations in…
Jul 31, 2024

Sapphire Werewolf polishes Amethyst stealer to attack over 300 companies
The adversaries use the open-source SapphireStealer to create their own malware for collecting employee authentication data from Russian…
Jun 5, 2024