Author Archives: Emin Baylarov

Legitimate third-party Platform-as-a-Service (PaaS) providers are becoming increasingly leveraged by threat actors for phishing and malware deployment. PaaS providers such as cloud instances, marketing platforms, content delivery networks (CDN), and dynamic DNS servers have been weaponised for a range of malicious activities. One of the key benefits is that they can be used to evade detection […]

Background:  The Qakbot banking Trojan is one of the top-tier malware families on the current threat landscape. It is distributed in mass spam campaigns, steals confidential information, and has also provided access to ransomware operators. Preventing and detecting this threat has become a priority for many organisations as a successful infection can lead to a […]

I recently encountered an intriguing campaign that uses fake websites to distribute malware. While this technique (TTP) is not new, it appears to be increasing in frequency. From my own observations, I’ve noticed this happening more often in 2023 compared to previous years. Though it’s hard to quantify without in-depth research, it’s something that other […]

A “dead drop” is a well-known espionage tactic of passing items or information between two parties using secret locations. The two parties never meet and any sign of communication is concealed. This tactic is commonly used by intelligence officers to interact with their assets in the field to avoid any suspicious meetings or either caught […]

Background A point of sale (POS) system refers to the critical piece of software used by customers to execute a payment for goods or a service. This also includes the physical devices in stores, where POS terminals and systems are used to process card payments. These are often the primary targets of financially motivated organised […]