Topic: Cyber investigations and threat intelligence

All aboard! How hackers are moving in on the transit sector
By Howard Marshall
June 22, 2020
Accenture's blog reveals public transportation systems can face a range of threats from financially and politically motivated cyberthreat actors. Read more.
Threat actors update phishing techniques to take advantage of cloud transitions
By Heather Larrieu
May 27, 2020
Accenture Security CIFR team has seen threat actors update their phishing techniques to take advantage of the rapid adoption of cloud-based SaaS. Read more.
Look out, C2 communications: PXJ may be coming for you
By Nancy Strutt
May 18, 2020
Accenture iDefense analysts have uncovered details about command-and-control communications in a dangerous new PXJ ransomware variant. Read more.
Extortion entrepreneurs: How cybercriminals are bullying businesses
By Paul Mansfield
May 8, 2020
In this blog post, Accenture's Paul Mansfield describes various threat actor tactics used to extort organisations. Read more.
Citrix virtual hard disk analysis: Don't miss coins in your swap
By Mark McCurdy
Larry McDonald
Heather Larrieu
April 24, 2020
The Accenture Security Cyber Investigation and Forensics Response (CIFR) team investigated a potential exploit of a Citrix NetScaler appliance. Read more.
New Click2Gov Threat: Sophisticated, Sneaky and Dangerous
By Alireza Salimi
Jeffrey Beley
April 14, 2020
Accenture's CIFR team investigates new Click2Gov breaches attempted by the hackers responsible for the 2017 and 2018 threats as well. Read more.
Looking back to see the future: CIFR DeLorean - 2020 Edition
By Ryan Leininger
February 26, 2020
iDefense analyzes 2019 Cyber Investigation and Forensics Response (CIFR) data and predicts trends for 2020. Learn more.
E-commerce under attack
By Paul Mansfield
December 2, 2019
This blog explains some of the ways e-commerce businesses are targeted and actions both customers and businesses can take to mitigate these threats. Read more.
Threat hunting: Disrupting advanced adversaries
By Jeffrey Beley
Ryan Leininger
September 18, 2019
This blog post takes a deep dive into Accenture’s threat hunting approach, exploring the phases of the cycle and sharing a recent case study.
New version of MegaCortex targets business disruption
By Leo Fernandes
August 5, 2019
iDefense engineers identified and analyzed an updated version of the dangerous ransomware MegaCortex. Learn more.
What’s the cyber future for financial services?
By Valerie Abend
April 26, 2019
Our report, “Future cyber threats: Extreme but plausible threat scenarios in Financial Services,” describes cyber attack scenarios for financial services.
Care and feeding of your active threats
By Accenture Incident Response
March 11, 2019
If you want your organization to experience well-established active cyber threats, keep these lessons in mind. Read more.
Mudcarp's focus on submarine technologies
By Accenture Cyber Threat Intelligence
March 5, 2019
iDefense analysts have likely identified the contractor targeted by the threat group MUDCARP, in addition to supply chain assets, universities and labs.
SNAKEMACKEREL delivers SedUploader malware
By Accenture Cyber Threat Intelligence
February 13, 2019
This blog post intends to provide early indication and warning notice about an opportunity for SNAKEMACKEREL actors to conduct attacks. Learn more.
Threat hunting: Improving resilience with an intelligence-driven, hypothesis-based approach
By Justin Harvey
Ryan Leininger
February 5, 2019
Accenture's approach to threat hunting combines actionable intelligence with testable hypotheses to drive outcome-based operations. Learn more.
Pond Loach delivers BadCake malware
By Accenture Cyber Threat Intelligence
January 17, 2019
During 2018, iDefense observed several events likely attributed to the POND LOACH threat group, an adversary that has likely been active since 2013. Learn more.
SNAKEMACKEREL delivers Zekapab malware
By Accenture Cyber Threat Intelligence
November 29, 2018
iDefense analysts identified a campaign by SNAKEMACKEREL using a BREXIT-themed lure document to deliver the Zekapab first-stage malware. Learn more.
iDefense Anomali Detect ’18 recap
By Accenture Cyber Threat Intelligence
October 16, 2018
Members of Accenture's Cyber Threat Intelligence team presented original research on a group called MUDCARP at the 3rd annual Anomali Detect conference.
Goldfin security alert
By Joshua Ray
August 2, 2018
A series of cyberattacks using a malware family called SOCKSBOT was used by a threat group in an 18-month-long campaign dubbed Goldfin. Learn more.
Hogfish alert
By Joshua Ray
April 23, 2018
HOGFISH, also known as APT10, is an espionage threat group that has been heavily targeting Japan and Western organizations since as early as 2009. Learn more.
Monero/WannaMine alert
By Joshua Ray
March 22, 2018
Monero is rapidly becoming the cryptocurrency of choice in the cybercriminal underground economy. Learn more.
Elise malware alert
By Joshua Ray
January 28, 2018
After the first attack in 2015, a new form of the Elise malware has been identified by the iDefense team in Accenture Security. Learn more.
TRITON/TRISIS malware alert
By Joshua Ray
January 23, 2018
TRITON (also known as TRISIS or HatMan) is a destructive malware and framework that can alter and disrupt operations of safety instrumented systems. Learn more.
CRASHOVERRIDE malware alert
By Joshua Ray
January 10, 2018
Examination of a power outage in Kiev, Ukraine in December 2016 identified a malware framework known as CRASHOVERRIDE or INDUSTROYER. Learn more.
WANACRYPT0R malware alert
By Joshua Ray
May 20, 2017
In May 2017, the WanaCrypt0r/WannaCry ransomware attack affected 47 National Health Service trusts in the U.K. Learn more.
View All
Subscription Center
Subscribe to Accenture's Cyber defense blog Subscribe to Accenture's Cyber defense blog
Subscribe