<img height="1" width="1" style="display:none;" alt="" src="https://dc.ads.linkedin.com/collect/?pid=179060&amp;fmt=gif">

Minerva Labs Blog

A new StrongPity variant hides behind Notepad++ installation

The StrongPity actor group has been around since 2012 and employs the same tactics, namely adding backdoors to legitimate software used by specific users, a technique also known as water holing. The . . .


BlackMatter - The New Star Of Ransomware

After the demise of the DarkSide ransomware affiliate program, a vacuum was left in the market. This space was promptly filled by new groups such as Lockbit and BlackMatter. BlackMatter, the . . .


MSPs really need to start looking into Ransomware Protection

When it comes to ransomware protection, Managed Service Providers (MSPs) are in a unique position. On the one hand, they are often the main line of defense for their customers against ransomware. At . . .


A Long List Of Arkei Stealer's Crypto Browser Wallets

Arkei is an information-stealer, distributed as a malware as a service (MAAS). It collects sensitive information such as application passwords, credit card information, web browser cookies and can . . .


Holiday Season Concerns? Ransomware Protection Could Save Your Company

Will ransomware steal your holiday cheer? This year, it could, if you’re unprepared for the surge in ransomware attacks that agencies like the FBI foresee during the end-of-year holiday season.


A New DatopLoader Delivers QakBot Trojan

A new phishing campaign delivers a Qakbot (also known as Qbot or Quakbot), using DatopLoader(aka Squirrelwaffle). 


Underminer Exploit Kit: The More You Check The More Evasive You Become

The Underminer exploit kit has surfaced numerous times since 2019, but here it is back again delivering the Amadey malware, as the Malwarebytes Threat Intelligence team found last week.


Working With OT Legacy Systems? 5 Ransomware Protection Tips For You

Much of the conversation surrounding the pandemic and IT has focused on managing new types of technologies that help employees work remotely, like video conferencing platforms and cloud desktops.


New MirrorBlast Malware Phishing Campaign Using Rebol-View Software

MirrorBlast malware is a trojan that is known for attacking users’ browsers. It usually pretends to be a legitimate browser add-on however it has now evolved additional capabilities, whereby other . . .


Two Trickbot gang members arrested, but their malware is still spreading

Trickbot malware has been with us since 2016. It started as a banking trojan, targeting financial services and users to steal banking data. However, over the years, it has evolved into sophisticated, . . .


What You Should Know: Protect Against Common Ransomware Attack Methods

It’s easy enough to understand what ransomware does: It holds your data for ransom by encrypting it until you pay a fee to the threat actors.


Phishing Attacks and Minerva Armor

Most threat actors these days are more mature than they were before. An organization will find out about a cyber attack on its network, in the late stages of the attack, when the damage has already . . .


Stay Informed

Sign up for the Minerva newsletter and stay on top of the latest cybersecurity news.


see all