Vishing + ClickFix: Calls Impersonating Google Ads
Multiple

Merabytes has identified an active vishing campaign combining automated calls, caller ID spoofing from the official Google Ads number, real-time social engineering,...

Anatomy of a CloudLOL Fraud: PayPal Invoice Abuse
Multiple

How we detected a phishing campaign using legitimate PayPal invoices to distribute malicious PDFs with redirect chains through trusted cloud services.

BEC Fraud NetSupport RAT: Logistics
Logistics

Forensic analysis of a BEC fraud with a Python loader, Telegram C2 and NetSupport RAT in the logistics sector. SentinelOne evasion detected by the SOC.

CloudLOL Fraud Detection: Manufacturing
Manufacturing

How we detected and blocked a SharePoint attack that evaded SPF/DKIM/DMARC in the manufacturing sector. A real Adversary-Aware SOC case.

Qilin Ransomware: Industrial Response
Industrial

Forensic analysis of Qilin ransomware in an industrial company. Fortinet exploitation, MITRE tactics and SOC response. Lessons learned.

OneDrive B2B Phishing: Industrial Sector
Industrial

Identification and blocking of a OneDrive B2B phishing campaign targeting the industrial sector. SOC behavioral detection.

Trigona Ransomware: Forensic Analysis 2023
[Redacted]

Forensic analysis of Trigona ransomware, November 2023. RDWeb access, data exfiltration and SOC response.