threat-analysis - DeepSeas

Threat Analysis

Possible Trigona Ransomware Appearance

A web server with RDP access had been brute forced by an actor who the DeepSeas cyber threat intelligence crew believes may have been trying to deliver and execute Trigona ransomware. The intruder performed many different malicious actions in the client’s environment after gaining initial access; establishing persistence, escalating privileges, evading defenses, performing asset discovery, conducting lateral movement, data collection, and more. Upon review of the intruder’s activities DeepSeas noted that some of the tactics, techniques, and procedures (TTPs) matched previously observed TTPs associated with the actor responsible for the Trigona ransomware.

Threat Actors Targeting Edge Devices – Edge Device Security

DeepSeas cyber defenders are seeing reports of increased attacks by threat actors against edge devices. There are several ways criminals have targeted edge devices, and organizations reporting incidents related to third parties.

Emerging AI Risk: AI Becoming (Unintended) Vulnerability Scanner

With the rise of artificial intelligence (AI) and machine learning (ML), we’re entering a new frontier where the tools designed to help us could inadvertently create new vulnerabilities. A recent observation by the SANS Internet Storm Center highlights this emerging risk in a way that should prompt us all to pause and reflect.

The Top 5 AI Issues Every CISO Should Know

For CISOs, the rapid adoption of AI presents significant security challenges. Dive deeper into the top five AI issues every CISO should know.

Water Sector Cybersecurity Legislation Introduced

Increasing threats from nation-state actors targeting water systems causes introduction of water sector cybersecurity legislation.

Custom Detection Logic Identifies Evasive Credential Dumping Techniques

DeepSeas custom detection logic identified an evasive series of password dumping activity on a Managed Detection & Response (MDR) client.

Most Recent Cybersecurity Insights and Emerging Cyber Threats

A DeepSeas cyber threat analysis by senior expert Luis M. Ponce De Leon highlights critical vulnerabilities like authentication bypass and emerging threats like Cuddlefish malware. Mitigate risks with DeepSeas expertise.

cybersecurity expertise and AI risk thought leadership

Today’s Hottest Cybersecurity Issues and Recommendations

May 2024 brings critical cybersecurity issues: DDoS attacks on honeypots, hidden costs in Amazon S3, privacy concerns in European app markets, and a vulnerability in BentoML. Stay vigilant and take action with DeepSeas’ expertise.

Malware targeting Russian defense contractor

Malware Targeting a Russian Defense Contractor

Findings Summary: Malware Targeting a Russian Defense Contractor On 14 December, DeepSeas automated scanning and analysis encountered a unique piece of malware targeting a Russian defense contractor on VirusTotal. The file in question, listed as 567000-13.rar, contains a .PDF file of the same name, which was likely directed toward an

Join our Team

21% of the DeepSeas crew are Veterans or Active Military Reservists. Join our talented crew of cyber experts.

Threat Analysis

Join our Team

Join Our Deep Partnership Ecosystem