The evolution of Dark Caracal tools: analysis of a campaign featuring Poco RAT

In early 2024, analysts at the Positive Technologies Expert Security Center (PT ESC) discovered a malicious sample. The cybersecurity community named it Poco RAT after the POCO libraries in its C++ codebase. At the time of its discovery, the sample …

President Urges Colombians to Check Their Phones for Pegasus Spyware

“Anyone who suspects illegal infection of their phones can consult this page or use the government service we will provide. I urge young people, especially those connected to youth leaders who disappeared or died during the strike, to use these …

BlindEagle flying high in Latin America

BlindEagle, also known as “APT-C-36”, is an APT actor recognized for employing straightforward yet impactful attack techniques and methodologies. The group is known for their persistent campaigns targeting entities and individuals in Colombia, Ecuador, Chile, Panama and other countries in …

After ransomware hits Colombian energy firm, Moody’s says low patch rate suggests inadequacies in cyber practices

A ransomware attack at top Colombian energy company Empresas Publicas de Medellin (EPM) may damage its credit quality, setting an alarm clock for the critical infrastructure industry to develop efficient mitigation practices and vulnerability management programs, Moody’s said. EPM, one …

Swiss encryption company secretly owned by U.S. and German intelligence agencies

The U.S. intelligence community actively monitored for decades the diplomatic and military communications of numerous Latin American nations through encryption machines supplied by a Swiss company that was secretly owned by the CIA and the German intelligence agency, BND, according …

Spam Campaign Targets Colombian Entities with Custom-made ‘Proyecto RAT,’ Uses Email Service YOPmail for C&C

We observed a recent campaign that primarily targets financial institutions and governmental organizations in the South American region, particularly in Colombia. This blog post covers the activities we observed, the remote access tools (RATs) used, the campaign’s techniques and procedures, …