Author Archives: Emin Baylarov

In 1937, one of the world’s most authoritative art historians, Abraham Bredius, was approached by a lawyer on behalf of a Dutch family estate to inspect a painting of a Christ and the Disciples at Emmaus (pictured above). Bredius dedicated many years of his life studying the artwork of Johannes Vermeer. After inspecting the painting, […]

A new web skimmer called “Meyhod” has recently been disclosed by RiskIQ. Named after a typo in its code, this malware first surfaced in October, targeting several e-commerce sites, including Bosley, a hair treatment company, and the Chicago Architecture Center (CAC). While investigating the attacker’s domain (jquerycloud[.]com) a bit further and other potential victims from […]

As my final blog post of 2020, I’d like to share a brief checklist to help users and researchers stay safe online. Many attackers use broad, sweeping methods, and those who overlook the basics are often the first to be compromised. This guide aims to support those who are beginning their journey into Operational Security […]

Prologue I find uncovering new campaigns and sharing research on novel threats is one the most enjoyable parts of my job as a CTI researcher. Especially the types of threats not many other researchers really spend much time investigating, or at least those who do rarely disclose their findings publicly. My investigation on the RedZei group is […]

Executive summary: Threat actors continue to leverage the NetWire Remote Access Trojan (RAT) in malicious spam email attacks using low-detection scripts, URL shorteners, and the Discord content delivery network (CDN).  The Infection chain begins with a targeted email from the t-online[.]de mail service. These contain an XLS file or ZIP archive that, if opened, triggers […]