Cyentia Cybersecurity Research Library

Reconnaissance

Below you will find reports with the tag of “Reconnaissance”

The Hidden Threat Of Cyberattacks In The Energy And Utilities Industry: 2018 Spotlight Report

This report offers research on the analysis and lifecycle of an attack on critical infrastructure. It discusses command and control, internal reconnaissance, lateral movement, and targeting the ICS and SCADA infrastructure.

Added: February 7, 2019

Attacker Behavior Industry Report: 2018 Black Hat Edition

The Black Hat Edition of the Vectra® Attacker Behavior Industry Report provides a first-hand analysis of active and persistent attacker behaviors inside cloud, data center and enterprise environments of Vectra customers from January through June 2018.

Added: February 7, 2019

Attacker Behavior Industry Report: 2018 RSA Conference Edition

The 2018 RSA Conference Edition of the Vectra Attacker Behavior Industry Report provides a first-hand analysis of active and persistent attacker behaviors inside cloud, data center and enterprise environments of Vectra customers from August 2017 through January 2018.

Added: February 7, 2019

MEDJACK.4 Medical Device Hijacking

This report takes an inside look at the Cyber Security challenge for healthcare today and more specifically looks at the medical device security challenge.

Added: February 6, 2019

Anatomy Of An Attack: Iranian Nation State Interdiction

This report offers deep insight into the threat actor known as Oilrig.

Added: February 6, 2019

2018 Legal Threat Report

From the one page report, “From trade secrets to client information, legal services and law firms have an ethical and legal obligation to protect privileged data. To help you understand the common attack types and trends facing the legal industry, we’ve compiled the following observations based on real data from across our client base.”

Added: February 5, 2019

The Dark Side Of Asia

In this research report, they uncover the Dark Side of Asia to provide you with an inside look into key trends, laws, motivations and threat actors of the increasingly threatening Asian Internet community.

Added: January 25, 2019

Beyond Malware: Detecting The Undetectable

This report discusses a key issue with a malware-centric defense approach: it leaves you vulnerable to attacks that don’t leverage malware. Read on to learn more.

Added: January 1, 2019

Operation Sharpshooter

This report takes a look at a new global campaign targeting nuclear, defense, energy, and financial companies.

Added: December 29, 2018

Cobalt Group

Fidelis Threat Research analysts have discovered a new version of ThreadKit, malware notorious for its use by the cybercrime organization known as Cobalt Group. This report will provide analysis of a recent campaign, seen October 30th, utilizing the Cobalt Group malware frameworks. Cobalt Group was believed to have suffered a hit earlier this year[1] with the reported arrest of one of its members. After the arrest, the campaigns appear to have slowed significantly; however, despite this, there has been continued development concerning the group's malware framework.

Added: December 14, 2018

Observations From The Front Lines Of Threat Hunting

This report provides a summary of OverWatch’s findings from intrusion hunting during the first half (January through June) of 2018. It reviews intrusion trends during that time frame, provides insights into the current landscape of adversary tactics and delivers highlights of notable intrusions OverWatch identified. OverWatch specifically hunts for targeted adversaries. Therefore, this report’s findings cover state-sponsored and targeted eCrime intrusion activity, not all forms of attacks.

Added: December 5, 2018

Threat Group APT28 Slips Office Malware into Doc Citing NYC Terror Attack

During our monitoring of activities around the APT28 threat group, McAfee Advanced Threat Research analysts identified a malicious Word document that appears to leverage the Microsoft Office Dynamic Data Exchange (DDE) technique that has been previously reported by Advanced Threat Research. This document likely marks the first observed use of this technique by APT28. The use of DDE with PowerShell allows an attacker to execute arbitrary code on a victim’s system regardless of whether macros are enabled. (McAfee product detection is covered in the Indicators of Compromise section at the end of the document.)

Added: November 15, 2018

Attackers Deploy New ICS Attack Framework “TRITON” and Cause Operational Disruption to Critical Infrastructure

This blog post offers insight into the new ICS attack framework “TRITON”.

Added: November 15, 2018

Carbon Paper: Peering into Turla's second stage backdoor

“The Turla espionage group has been targeting various institutions for many years. Recently, we found several new versions of Carbon, a second stage backdoor in the Turla group arsenal. Last year, a technical analysis of this component was made by Swiss GovCERT.ch as part of their report detailing the attack that a defense firm owned by the Swiss government, RUAG, suffered in the past. This blog post highlights the technical innovations that we found in the latest versions of Carbon we have discovered.”

Added: November 15, 2018

Operation BugDrop: CyberX Discovers Large-Scale Cyber-Reconnaissance Operation Targeting Ukrainian Organizations

CyberX has discovered a new, large-scale cyber-reconnaissance operation targeting a broad range of targets in the Ukraine. Because it eavesdrops on sensitive conversations by remotely controlling PC microphones – in order to surreptitiously “bug” its targets – and uses Dropbox to store exfiltrated data, CyberX has named it “Operation BugDrop.”

Added: November 15, 2018

Insider Information An intrusion campaign targeting Chinese language news sites

This report reveals a campaign of reconnaissance, phishing, and malware operations that use content and domains made to mimic Chinese language news websites.

Added: November 12, 2018

"Cyber Conflict" Decoy Document Used In Real Cyber Conflict

APT28 sent out a document disguising itself as a flyer relating to the Cyber Conflict U.S. conference. The document contains a VBA macro that executes a new variant of Seduploader. This article analyzes the document and the reconnaissance malware inside.

Added: November 12, 2018

Several Polish banks hacked, information stolen by unknown attackers

Multiple Polish banks have fallen victim to malware. This post contains what information was public about the attack at the time.

Added: November 12, 2018

Cyber Threats To The Aerospace And Defense Industries

Read about the threat outlook for aerospace and defense sectors as threat groups seek to gain military and economic advantages.

Added: October 26, 2018

China's Evolving Approach To "Integrated Strategic Deterrence"

This report looks at China’s evolving approach to integrated strategic deterrence. Drawing on a variety of Chinese military writings, this report explores the origins of this concept, how it relates to Chinese development of counter-intervention capabilities, and how Beijing’s assessment of its external security environment influences its requirements.

Added: October 25, 2018

Global Threat Intelligence Report

From the Report, “This year’s GTIR utilizes the Center for Internet Security’s Critical Security Controls to identify controls that can be effective at each stage of the Lockheed Martin Cyber Kill Chain® (CKC). By ensuring that controls exist for each stage of the CKC, organizations can increase their ability to disrupt attacks. We’ve dedicated an entire section and case study to a Practical Application of Security Controls to the Cyber Kill Chain.”

Added: October 25, 2018
© Cyentia Institute 2025
Library updated: July 1, 2025 16:08 UTC (build b1d7be4)