OSINT collection playbooks updated with new threats: Lilith, RedAlert ransomware, Hermit, Ermac, etc.

Each month SEKOIA.IO updates the configuration of its collection playbooks to automatically gather Indicators of Compromise (IoCs) of new threats. Our collection playbooks aggregate, enrich and contextualise IoCs from community threat intelligence feeds (URLhaus, ThreatFox, and others) and from Hatching Triage sandbox analyses. This time, we have added:

  • Some new or recent ransomware families: Lilith, RedAlert, Maui, DarkyLock, Surtr, CryLock;
  • Recent Android trojans: Hermit, Ermac, Brata;
  • And other malware families, such as Vulturi, Merlin, EnvyScout, etc.

SEKOIA proactively monitors newly emerging ransomware, as well as the threat groups operating it. If you want to know more about the mid-2022 ransomware threat landscape, read our latest blog post on the subject!
