Blog
Linking and tracking UAC-0056 tooling through code reuse analysis
Author: Carlos Rubio from Threatray Labs Published on: 01.03.2023 Multiple blogs have reported about recent activities and tooling of UAC-0056 (also known as Nodaria, SaintBear, TA471). Malwarebytes (April 22) and Mandiant (July 22) report about the “Elephant toolchain” apparently used by UAC-0056. The toolchain consists of Elephant Stealer (GraphSteel), Elephant ... Read more
Threat updates – A new IcedID GZipLoader variant
Author: Markel Picado and Carlos Rubio from Threatray Labs Published on: 25.02.2022 Summary IcedId is a modular banking Trojan discovered in 2017. It is one of the most prevalent malware families in recent years, targeting financial information and acting as a dropper for other malware families, such as Vatet, Egregor, ... Read more
Establishing the TigerRAT and TigerDownloader malware families
Author: Markel Picado Ortiz Published on: 22.12.2021 Executive Summary Recent research by Malwarebytes (April 2021), Kaspersky (June 2021) and the Korean CERT (September 2021), reports about attacks on South Korean entities, employing new techniques and malware not previously identified. The initial report by Malwarebytes attributes the attack to the Lazarus ... Read more
Antti Tikkanen
Antti Tikkanen has nearly two decades of experience in malware research and malware detection methods. He worked as Director of Response at F-Secure Corporation (now WithSecure), protecting millions of end users from cyberattacks.
While working as Engineering Manager in the Google TAG threat intelligence team in Zurich, his team built large-scale malware analysis pipelines to protect Google and its users.
The team was responsible for tracking state-sponsored attacks and cybercrime across the globe.
Antti currently leads the digital forensics and incident management EMEA team at Snap Inc.
Freddy Dezeure
Freddy Dezeure graduated from the KUL University in Belgium in 1982, with a master of science in engineering. He was CIO of a private company from 1982 until 1987. He joined the European Commission in 1987 where he held a variety of management positions in administrative, financial and operational areas, in particular in information technology.
He founded CERT-EU, the Computer Emergency and Response Team of the EU institutions, agencies and bodies in 2011. Until May 2017 he held the position of the Head of CERT-EU.
Presently, he is an Independent Advisor in cybersecurity and cyber-risk management and he acts as Board Member and Advisory Board Member in several high-tech companies. He is a highly respected keynote speaker and is very active in the cybersecurity community. He is leading the EU MITRE ATT&CK Community.
@FDezeure
Mathias Wegmüller
Matthias is a highly accomplished entrepreneur, board member and investor. He has multi-year expertise in digital transformation, facilitating the effective execution of digital engagement initiatives. A passionate, action-oriented and motivational team leader, Mathias Co-founded Qumram in 2011 and led it in different roles until the successful exit and trade-sale in November 2017 to Dynatrace.
Pierre Noel
Pierre has over 30 years of international experience in Information Security, Data Privacy, and Enterprise Risk Management. He is in charge of the nation-wide Swiss Finance Service cybersecurity information sharing program. Previously, Pierre was the Chief Security Officer for Microsoft, covering the wide Asian region and the Chief Security & Privacy Officer (CSPO) for Huawei Worldwide He designed, built, and operated complete Security and Enterprise Risk Management environments for Governments, Finance, Transport, and large conglomerate industries over the World. Pierre was the advisor to three large nations in Australasia, working directly with their ministers or presidential offices in building nationwide cybersecurity & privacy programs. He is a member of the board of advisors of Airbus Industries and also sits on the board of several established and start-up organizations in the field of CyberSecurity and Privacy.
Thomas Dübendorfer
Thomas Dübendorfer holds a Ph.D. in computer science from ETH Zurich and is the president of the Swiss ICT Investor Club (SICTIC). He has worked at HP Research Labs in Silicon Valley and seven years at Google on security engineering projects. He is an angel investor in more than twenty tech startups in Switzerland. UBS, Nasdaq, Lufthansa, Adobe, Swiss Re and many other highly ranked companies are customers of tech startups that he co-founded. He was honoured as “Top 100 Digital Shapers of Switzerland” in 2016 and 2018 and as “Top 200 most prominent persons of Zurich, Switzerland” in Who Is Who in Zürich 2019. He has published a paper on Web browser security that got downloaded more than 100’000 times and that proved Web browsers with silent security update mechanisms to protect their users significantly better from vulnerabilities than others.
Peter Stalder
After studying Computer Science at the ETH in Zurich, Peter worked as a software developer, system technician, consultant and project lead in multiple industry projects. He was the CTO of Finnova, a leading banking software in Switzerland, for 20 years. At Finnova, he was responsible for the System- and Software Architecture, as well as the development of its core technologies. In 2015, Peter transitioned to independent consulting and now supports startups with his experience.
Ariel F. Lüdi
As the CEO of Hybris Software, Ariel was instrumental to make Hybris become the global leader in omnichannel commerce and the sale to SAP in 2013 for around 1.5 B USD. Since then, Ariel is investing in and coaching innovative IT start-ups. Prior to joining Hybris, he held senior positions at Salesforce.com, BroadVision and Oracle. Ariel studied Physics at ETH in Zurich.
Jonas Wagner
CTO and Co-Founder
Jonas is founder and CTO of Threatray
Jonas has over 10 years of professional experience in software engineering, with a focus on machine learning and cyber security data analysis. He holds a M.Sc. in Computer Science from the Bern University of Applied Sciences, where he spent years researching and developing the core algorithms that now power Threatray.
Endre Bangerter
CEO and Co-Founder
Endre Bangerter is founder and CEO of Threatray.
Endre has over 20 years of experience in Information Security and Cyber Defense. He has been serving as a malware analyst for the government and as a technical consultant for Accenture and IBM. Endre has rich experience in developing novel IT security technologies gained while working at IBM Research in Zurich and as a professor and lab director at Bern University of Applied Sciences. He has a Ph.D. in IT security from the Horst Görtz Institute For IT-security at the University of Bochum in Germany.
