top of page

Security Joes
Jul 19, 20242 min read
Crowdstrike Global Outage: Effective Solutions To Mitigate The Impact
Crowdstrike outage
6,0440

Security Joes
Jul 15, 202414 min read
Security's Achilles' Heel: Vulnerable Drivers on the Prowl
A notable trend in cyber threats nowadays is the exploitation of vulnerabilities in drivers through the Bring Your Own Vulnerable Driver...
2,8810

Security Joes
Jan 1, 20248 min read
Hide and Seek in Windows' Closet: Unmasking the WinSxS Hijacking Hideout
Our investigation has revealed an innovative approach that leverages executables commonly found in the trusted WinSxS folder and exploits...
14,3220

Security Joes
Nov 10, 20235 min read
Mission "Data Destruction": A Large-scale Data-Wiping Campaign Targeting Israel
Mission "Data Destruction": A Large-scale Data-Wiping Campaign Targeting Israel
2,7220

Security Joes
Oct 30, 20235 min read
BiBi-Linux: A New Wiper Dropped By Pro-Hamas Hacktivist Group
Security Joes Incident Response team volunteered to assist Israeli companies during the times of war between the state of Israel and the...
14,7890

Security Joes
Sep 4, 202318 min read
New Attack Vector In The Cloud: Attackers caught exploiting Object Storage Services
Security Joes Incident Response team recently became aware of a set of relatively new CVEs that were released at the end of March 2023....
9,6980

Security Joes
Jun 27, 202314 min read
Process Mockingjay: Echoing RWX In Userland To Achieve Code Execution
Our research team is committed to continuously identifying potential security vulnerabilities and techniques that threat actors may...
25,0930

Security Joes
Mar 15, 20234 min read
Microsoft Patch Tuesday: Two Actively Exploited 0-Days & 9 Critical CVEs
Microsoft's latest Patch Tuesday rollout for March 2023 has included a staggering 80 security patches, with nine vulnerabilities being...
8710

Security Joes
Mar 12, 20234 min read
Threat Alert: Silicon Valley Bank Crash Triggers Cybersecurity Risks
On Friday, Silicon Valley Bank, a prominent lender to the technology industry, collapsed, causing panic among its customers and...
4380

Security Joes
Feb 1, 202313 min read
Operation Ice Breaker Targets The Gam(bl)ing Industry Right Before It's Biggest Gathering
In September of last year, our Incident Response team was called to an incident that was identified as an attempt of social engineering...
6,9760

Security Joes
Jan 2, 20238 min read
Raspberry Robin Detected ITW Targeting Insurance & Financial Institutes In Europe
Recent attacks documented in previous months seem to be orchestrated by hacking groups using a framework called Raspberry Robin. This...
9,1050


Security Joes
Dec 11, 20224 min read
Open {Your} A{Eyes} - 2023 Predictions
Security Joes is a multi-layered incident response and MDR firm based out of Israel. It had been invited to investigate numerous...
3010


Security Joes
Dec 2, 20221 min read
FBI, CISA say Cuba ransomware gang extorted $60M from victims this year
According to TechCrunch, "The Cuba ransomware gang extorted more than $60 million in ransom payments from victims between December 2021...
810

Security Joes
Sep 14, 20221 min read
Dissecting PlugX To Extract Its Crown Jewels
PlugX is a malware family first spotted in 2008. It is a Remote Access Trojan that has been used by several threat actors and provides...
5360


Security Joes
Sep 1, 20221 min read
Another European nation hit by hackers, Montenegro grapples with ongoing ransomware attack
According to Cyberscoop, "Multiple Montenegrin government websites remained inaccessible Friday, a week after government officials there...
700


Security Joes
Aug 25, 20221 min read
Iranian Hackers Still Exploiting Log4j Bugs Against Israel
According to BleepingComputer, "Hackers continue to exploit the Log4j vulnerability in vulnerable applications, as shown by the Iranian...
650


Security Joes
Jun 15, 20221 min read
Backdoor Via XFF - Mysterious Threat Actor Under Radar
Our incident response team caught a strange-looking Webshell activity on a server that was running an internal web application. It raised...
1980

Security Joes
Mar 9, 20221 min read
Sockbot in Goland - Linking APT Actors With Ransomware Gangs
Our incident response team had responded to malicious activity in one of our clients' network infrastructure. A compromised Secure Access...
1350


Security Joes
Mar 9, 20221 min read
Hackers fork open-source reverse tunneling tool for persistence
Security experts have spotted an interesting case of a suspected ransomware attack that employed custom-made tools typically used by APT...
1130


Security Joes
Dec 7, 20212 min read
Cuba Ransomware Hit 49 Critical Infrastructure Companies, Extracted $44m in Ransom
According to SpiceWorks, "The FBI has raised an alarm about the Cuba ransomware gang compromising critical infrastructure companies at an...
430
bottom of page