Sekoia.io

🚨 Discover Mamba 2FA, a previously unknown adversary-in-the-middle (AiTM) phishing kit, sold as phishing-as-a-service (PhaaS) ⚠️ 👨💻 In our latest blogpost, Sekoia.io Threat Detection & Research (TDR) team illuminated the infrastructure hosting the phishing pages and developed detection rules to identify Entra ID accounts compromised via this kit. 🛡️ To learn more, click on the link in the comments👇 #AiTM #PhaaS #2FA #MFA #Phishing #ThreatDetection

🕵🏻♀️🛡️L'équipe Threat Detection & Research de Sekoia sera présente ce vendredi à la Volcamp, la conf' tech' au cœur des volcans 🌋 🎙️Retrouvez l’intervention d’Erwan Chevalier et Guillaume Couchard 🥷 sur le thème : “Detection Engineering à grande échelle - un focus sur le long terme” 📆 le 11/10 à 15h45 au FabLab à Clermont-Ferrand📍 ℹ️Plus de détails sur la présentation 👉 https://lnkd.in/exjggjMt À vendredi !

Mark your calendars 🗓️ 🔍 How can cybersecurity experts concretely leverage cyber threat intelligence for investigations and incident response? 👊 Sekoia.io and Filigran have partnered to jointly support organizations in improving knowledge of cyber threats to accelerate the detection and response to security incidents. In this first joint webinar, our experts Jermain Njemanze and Matthew Haynes will dwelve into the intricacies of CTI sharing and operationalization of Sekoia.io’s threat intelligence into OpenCTI, providing concrete use cases based on actual cyberthreats. Are you an experienced cyber expert working in CERT, SOC or CTI teams? This event is for you! 🗓️ Join us on October 29th at 14:00 CET Register now 👉 https://lnkd.in/e4xH-hYk #Webinar #Cybersecurity #ThreatIntelligence #OpenCTI

🧩 This week, we focus on Sekoia.io x Pradeo MTD integration [EN](FR below) 🤖 Sekoia.io SOC platform is built on an #OpenXDR architecture which leverages your security components to drastically improve your detection and response capabilities, thanks to the integrated #SIEM and #SOAR features that rely on many detection functionalities: ☑ Real time CTI/Correlation/ #UEBA detection engines ☑ More than 7M structured and contextualized IoCs ☑ Over 900 built-in verified detections rules, etc. 📄🛡️ The Sekoia.io integrations catalog already includes more than 200 of the most important security solutions on the market (Endpoint, Cloud, IAM, Mail, Network etc.), in particular the Pradeo MTD solution one whose documentation you can find here: https://lnkd.in/exkfCwif ================== 🧩 Cette semaine, focus sur l’intégration Sekoia.io x Pradeo MTD 🤖 La plateforme SOC Sekoia.io est battie sur une architecture Open XDR qui tire profit de vos composants de sécurité afin d’améliorer vos capacités de détection et de réponse et ce grâce aux fonctions intégrées de SIEM et de SOAR qui s’appuient en particulier sur : ☑ Plusieurs moteurs de détection (CTI/Correlation/UEBA) temps réel ☑ Plus de 7 millions d’IoCs structurés et contextualisés ☑ Plus de 900 règles de détection vérifiées 📄 🛡️ Le catalogue des intégrations de Sekoia.io comprend déjà plus de 200 solutions de sécurité du marché (Endpoint, Cloud, #IAM, Mail, Réseau etc.), et en particulier la solution Pradeo MTD dont vous trouverez la documentation ici 👇 https://lnkd.in/exkfCwif

🔍 Looking for unmatched IoC hunting & retro hunting capabilities? 🤯 Scaling retro hunting activities on massive amount of data can be a daunting task. Searching manually for IoCs is no longer sustainable. 🎉 Have a look at how Sekoia Defend can help you scale by providing capabilities to automatically search for millions of IoCs in your security logs. 👇 Check out our new blogpost (link in the comments) #CyberSecurity #ThreatHunting #IoC #CyberThreatIntelligence #SekoiaDefend #Automation #Infosec #RetroHunt

Happy to participate to BT Group’s cyber forum at the British Embassy in France today, and to present with our Chief intelligence officer François Deruty the current threat landscape as we see it with the Threat Detection & Research team - Sekoia TDR 🥷. Great talk by Samuel Hassine from our partners at Filigran Thank you to the organizers and all participants! British Embassy Paris Cyril Simonnet Abdoulaye F.

🤝 Sekoia.io and Connex Information Technologies team up for cybersecurity! 🤝 🌏 We are happy to announce our partnership to deliver top SOC services across Asia and Oceania. 🚀 Leading value-added technology distributor with 150 channel partners over 15 countries/territories, Connex IT will facilitate the development of managed SOC services based on Sekoia SOC Platform, and leveraging our expertise in cyber threat intelligence. ‣ Do you have a SOC creation project, or are you fed up with your current SIEM? ‣ Do you need a control tower to manage several clients or IT systems in a multitenant architecture? ‣ Do you wish to improve detection & response capabilities covering your whole attack surface including cloud environments? 🤩 You can now leverage the best SOC platform / XDR / Next-Gen SIEM technology on the market and a trusted partner to operate it. 🛡️

🔍 Threat Analysis: Infrastructure controlling compromised devices. ⏳ Since mid 2023, Sekoia TDR team investigated an infrastructure which controls compromised edge devices transformed into Operational Relay Boxes used to launch offensive #cyberattack☄️ 📈 The infrastructure has constantly evolved with a total of 63 servers identified and analysed and is still operating at the time of publication of this report. 💡Several clues lead us to suggest that this infrastructure may support the operations of various intrusion sets. And you can explore our attribution hypotheses in our new blog post. (Link in the comments👇). 🛡️You will also have the opportunity to discover: ‣ A detailed analysis of the infrastructure and the different types of hosts identified ‣ A map of the countries infected and targeted by these malicious operations ‣ A list of indicators of compromise identified during our investigation 📖 Check out this blogpost via the link in the comments.👇 #ThreatIntelligence #MalwareAnalysis #CTI

We are thrilled to be participating in two weeks to MSSP Alert Live summit in Austin, Texas! 🇺🇸 Looking to boost managed SOC activities? Sekoia SOC platform is here for you. 🫵 Will you be there? Drop us a message to have a chat! 👋 #MSSP #SOC #event #cybersecurity

🚨On September 17, 2024, our Threat Detection & Research team uncovered an infection targeting both Windows and Linux systems via WebLogic vulnerabilities (CVE-2017-10271 & CVE-2020-14883). Attackers deployed #K4Spreader, which installed the Tsunami backdoor and a cryptominer. 🛡️Shortly before, AquaSec revealed that #Hadooken malware leveraged a configuration vulnerability in WebLogic, resulting in similar infections. 🔎 Our cross-analysis linked these attacks to the notorious 8220 Gang, previously documented by Cisco Talos in 2018. Based in China, this group exploits cloud environments to mine Monero. 💡Read our latest blog post for an in-depth look at these infection chains, connections to the #8220Gang, victimology and insights into the Hadooken case documented by AquaSec (see link in comment👇) #CyberSecurity #Cryptomining #CTI #ThreatDetection #ThreatIntelligence