Skip to content
      Threat Report
      Featured Threat Research

      Elephant Beetle: Uncovering an Organized Financial-Theft Operation

      For the past two years, Sygnia’s Incident Response (IR) team has been methodically tracking the Elephant Beetle threat group, an organized, significant financial-theft...

      Read More

      Threat Hunting

        Filter by Topic

        Blog Post
        Featured Incident Response Threat Hunting

        End-to-End LOG4SHELL Hunting Strategy

        Log4j2 is a widely used open-source Java logging library developed by the Apache foundation. On December 9, 2021 a critical unauthenticated remote code execution... Read More
        Advisory
        Incident Response Threat Hunting

        Sygnia Advisory: Log4Shell Remote Code Execution

        Updated - December 17, 2021 On December 9, a critical remote code execution (RCE) vulnerability in Java logging library Apache Log4j was made public. The vulnerability,... Read More
        Blog Post
        Incident Response Threat Hunting

        Recent Waves of Phishing Attacks Overpowering Two-factor Authentication

        Real-Time Authentication Phishing Kits implement a Man-in-the-Middle attack technique, allowing threat actors to obtain a live Office365 user session. Conditional Access... Read More
        Threat Report
        Incident Response Threat Research Threat Hunting Ransomware

        Lazarus Group’s Mata Framework Leveraged To Deploy TFlower Ransomware

        Over the past few years, North Korea has turned its offensive cyber operations into a major source of income. On February 17, 2021, the US Department of Justice (DoJ) has... Read More
        Advisory
        Incident Response Threat Hunting Ransomware

        Kaseya Ransomware Supply Chain Attack

        On July 2nd, several managed service providers reported numerous ransomware incidents affecting their clients via Kaseya VSA – an endpoint monitoring and patch management... Read More
        Advisory
        Incident Response Threat Hunting Ransomware

        Detection And Hunting Of Golden SAML Attack

        The SolarWinds software supply chain attack is known to have affected U.S. government agencies, critical infrastructure entities, and private sector organizations by an... Read More