Full-Time
Posted on 9/30/2025
Software-driven MDR services with threat analysis
$59.5k/yr
No H1B Sponsorship
Reston, VA, USA
Remote
Must travel to the office in Herndon, VA, 4 times a year for 1 week at a time.
Expel provides Managed Detection and Response (MDR) services that help organizations protect their digital assets. It combines technology and human expertise to monitor, detect, and respond to threats across cloud, SaaS, and on‑premises systems. The platform collects logs and alerts from a company’s existing tech stack and processes them with automated tools and security analysts to identify malicious activity and take action. It also offers clear, actionable recommendations to improve security and maximize ROI, along with workflows that support and augment a company’s security team. Unlike some providers that rely on limited tools or slow handoffs, Expel emphasizes quick integration with new technologies and a transparent, software‑driven approach that continuously improves security posture. The company’s goal is to raise a customer’s security maturity while delivering measurable security outcomes and better ROI by preventing incidents and guiding future security spending.
Company Size
201-500
Company Stage
Series E
Total Funding
$288.8M
Headquarters
Herndon, Virginia
Founded
2016
Unlimited vacation
401k plan
Healthcare plan with dental and vision
Flexible work hours
Opportunity to work from home
One paid conference per year
Parental leave
Expel has launched Expel Managed SIEM, a co-managed service that integrates the company's detection engineering expertise into customers' existing Microsoft Sentinel and Splunk Enterprise Security environments. The service is now generally available as an add-on to Expel MDR. The offering handles detection strategy, writes custom detection logic, optimises data ingestion costs, and feeds SIEM alerts into Expel's MDR response workflows. Unlike traditional providers that profit from increased data volume, Expel helps customers control ingestion costs whilst maintaining security coverage. The service includes two tiers: Detection Engineering provides ongoing detection support and rule optimisation, whilst Performance Engineering offers deeper operational support including SIEM health monitoring and automation development. Customers retain full ownership of all detection rules created by Expel, with complete visibility into every tuning decision.
Leading MDR provider to celebrate security defenders with cutting-edge service innovations and exclusive VIP experiences
HERNDON, Va., April 28, 2025 /PRNewswire/ -- Expel, the leading managed detection and response (MDR) provider, today announced its return to the showfloor at RSAC™ Conference 2025. Find Expel in the South Hall of the Moscone Center (booth #0535) for product demos and activations celebrating the true heroes protecting our digital world: cybersecurity defenders.
"Security teams are often the unsung heroes of their organizations—protecting their businesses, people, and critical systems from threats every day," said Dave Merkel, co-founder and CEO, Expel. "But even the strongest defenders can't go it alone. Expel combines the best people, tech, and expertise to elevate our customers' efforts—creating a force multiplier against today's biggest threats for the best security outcomes."
Security teams are fighting an uphill battle—balancing threats that are growing in volume, sophistication, and speed, especially enabled by generative AI, against tighter budgets and heightened scrutiny on their security programs. Expel combats these issues head-on by extending and enhancing security operations, helping customers stay ahead of adversaries with industry-leading coverage across their attack surfaces, while maximizing the ROI on their existing security investments.
Visit the booth to learn how Expel's human-centric, AI-driven MDR approach delivers the most comprehensive security coverage with unmatched results. Highlights include:
A 17-minute mean-time-to-remediate on critical incidents, minimizing disruption so your business keeps running smoothly.
Microsoft security researchers have identified a new malware threat targeting popular crypto wallet extensions including MetaMask and Phantom.
The StilachiRAT remote access trojan was first discovered in November 2024 and has since been deeply analyzed to reveal the depth of this threat. Specifically, it can target crypto wallets.
MetaMask, Coinbase, Phantom, Keplr and more could be at risk as the RAT is able to scan for cryptocurrency wallet extensions in the Google Chrome browser. It can then extract and decrypt saved credentials to access usernames and passwords.
The information gathering RAT can continuously monitor clipboard content, as it actively hunts for sensitive information like cryptocurrency keys and passwords.
The researchers shared examples of the regular expressions the RAT uses to scan clipboard contents for credentials, noting that they're seeking information related to the Tron network—which is particularly popular in China.
Microsoft says that StilachiRAT targets specific wallets including: Bitget Wallet, Trust Wallet, TronLink, MetaMask, TokenPocket, BNB Chain Wallet, OKX Wallet, Sui Wallet, Braavos - Starknet Wallet, Coinbase Wallet, Leap Cosmos Wallet, Manta Wallet, Kepler, Phantom, Compass Wallet for Sei, Math Wallet, Fractal Wallet, Station Wallet, ConfluxPortal, and Plug.
Aaron Walton, Threat Intel Analyst at Expel, told Decrypt: "Infostealing malware leverages social engineering to trick users into downloading and executing malicious code. These lures range from everything from a download, to a job offer, or even a fake-captcha that interrupts a user while web browsing.
"There is big money to be made and the tactics criminals are using can bypass basic security and even business level defenses."
StilachiRAT appears to be using anti-forensic behaviors, including clearing event logs and evading detection.
The Microsoft Incident Response team says: "Based on Microsoft’s current visibility, the malware does not exhibit widespread distribution at this time. However, due to its stealth capabilities and the rapid changes within the malware ecosystem, we are sharing these findings as part of our ongoing efforts to monitor, analyze, and report on the evolving threat landscape."
Edited by Stacy Elliott.
MDR pioneer extends lead in cloud security with expanded cloud control plane coverage, continues its commitment to multi-cloud organizations
HERNDON, Va., March 12, 2025 /PRNewswire/ -- Expel, the leading managed detection and response (MDR) provider, today announced expanded cloud control plane MDR coverage to include Oracle Cloud Infrastructure (OCI). Expel is the first MDR services provider to cover OCI environments, and with this announcement extends its established leadership position in managed cloud detection and response.
In addition to OCI, Expel offers leading MDR services for Amazon Web Services (AWS), Google Cloud Platform (GCP), and Microsoft Azure. Coupled with support for Kubernetes and multiple cloud security tools like Wiz, Lacework, and Orca, the Expel MDR™ is uniquely suited to provide comprehensive protection for multi-cloud environments. Approximately 80% of organizations operate in multi-cloud or hybrid cloud environments, and many lack the internal expertise needed to effectively manage the security of their cloud configurations. This can lead to unmanageable alerts, misaligned security controls, and security gaps.
"Multi-cloud and hybrid cloud environments are practically ubiquitous, but many enterprises struggle to effectively manage security across these platforms," said Yonni Shelmerdine, Chief Product Officer at Expel. "We've added MDR support for OCI to ease that burden—addressing a critical cloud security need for many enterprises and lightening the load for increasingly over-taxed security teams."
Furthering its commitment to cloud security, Expel has joined the Cloud Security Alliance (CSA), the world's leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environment
Expel named a Leader in managed detection and response (MDR) services industry research report, and is cited for its strengths in detection and analyst experience
HERNDON, Va.–(BUSINESS WIRE)–Expel, the leading MDR provider, was named a Leader in The Forrester Wave™: Managed Detection and Response Services, Q1 2025. Expel received a five-out-of-five score (“superior relative to others in this evaluation”) in 15 out of 21 criteria, including the extended detection, cloud, and identity detection surface criteria, as well as analyst experience, integrations, and metrics, among others. The report states, “Expel’s strategy continues to successfully strike a balance between human delivery and software-enabled platforms that few in the cybersecurity market can replicate.”
Expel is one of only three vendors recognized as a Leader in The Forrester Wave: Managed Detection and Response Services, Q1 2025.
“Expel has always understood what security practitioners need because we’ve been in their shoes. In fact, we never left. We’re constantly working alongside our customers, innovating and iterating in lock-step with their security needs,” said Dave Merkel, co-founder and CEO of Expel. “For us, Forrester’s analysis reaffirms our commitment to being the trusted security partner our customers rely on (and deserve), so that our 1000th customer experiences the same positive security outcomes as our first.”
The report states, “Rapid onboarding, unmatched transparency for its customers, and plans to expand its access to customer data wherever it’s stored confirm the provider is still plugged into what MDR customers need.”
Expel MDR delivers trusted outcomes for customers at all phases of their security journeys