
Minerva Labs Blog

Updated Hancitor Malware Slings Cobalt Strike

A report by Unit 42 uncovered recent malicious activity by TA511. The threat actor added Cobalt Strike to its repertoire, which is used in Active Directory environments. Initial foothold of TA511 . . .

 

The Small Business Owners' Guide to Ransomware Protection

The year 2020 saw a huge increase in ransomware attacks with ransom payments estimated to total nearly $350 million. Small and Medium Businesses (SMBs) continue to receive a rising percentage of . . .

 

IcedID - A New Threat In Office Attachments

IcedID is somewhat of a veteran in the MaaS industry, being actively developed and distributed since 2017. The malware-as-a-service, also called Bokbot, has been in extensive use in the last . . .

 

Investigating Resurgent Purple Fox

Purple Fox is a veteran malware-as-a-service campaign which, until recently, infected devices through its exploit kit capabilities, spreading through vulnerable Microsoft Internet Explorer . . .

 

Taurus Stealer's Evolution

Recently, we have seen a spike in events associated with Taurus stealer. The individual/s developing this threat have been actively improving the evasiveness of their loader since February 2021, . . .

 

The Next Big Thing in Educating Your Remote Workforce On Staying Safe From Ransomware

An educated workforce should always be a vital part of your cybersecurity protection program, especially when that workforce is predominantly required to work from home. Whether employees are . . .

 

Minerva Vs FickerStealer

FickerStealer is a MaaS (Malware as a Service) stealer that is sold on hacking forums. Its main goal is to steal sensitive information cached by the user - specifically browser passwords - and . . .

 

Preventing AgentTesla Infiltration

AgentTesla is a .NET-based malware, commonly distributed as part of a malspam campaign. Use of AgentTesla soared in 2020, when it became a favorite of threat actors, who used it to achieve . . .

 

The Return of the German JavaScript Dropper

An unknown threat actor has been specifically targeting German companies and citizens for several months with advanced phishing-style attacks. As already reported at the end of last year in our . . .

 

The Curious Case of FlashHelperService - Updated

Over the past few months, Minerva Labs’ research team has received multiple alerts of possibly malicious code-unpacking from an executable named FlashHelperService.exe. We decided to investigate . . .

 

Qbot Malspam and The Rise Of Sophisticated Evasion Techniques

Qbot (also known as Qakbot) is a notorious, widely spreading first-stage malware, which is usually spread via malspam campaigns. Targeted victims receive mail with a malicious attachment that when . . .

 

The Curious Case of FlashHelperService

Over the past couple of months Minerva Labs’ research team has received multiple alerts of possibly malicious code-unpacking from an executable named FlashHelperService.exe. We decided to . . .

 
