A report by Unit 42 uncovered recent malicious activity by TA511. The threat actor added Cobalt Strike, which is used in Active Directory environments, to its repertoire. Initial foothold of TA511 . . .
The year 2020 saw a huge increase in ransomware attacks with ransom payments estimated to total nearly $350 million. Small and Medium Businesses (SMBs) continue to receive a rising percentage of . . .
IcedID is somewhat of a veteran in the MaaS industry, being actively developed and distributed since 2017. The malware-as-a-service, also called Bokbot, has been in extensive use in the last . . .
Purple Fox is a veteran malware-as-a-service campaign, which, until recently, infected devices through its exploit kit capabilities, spreading through vulnerable Microsoft Internet Explorer . . .
Recently, we have seen a spike in events associated with Taurus stealer. The individual/s developing this threat have been actively improving the evasiveness of their loader since February 2021, . . .
An educated workforce should always be a vital part of your cybersecurity protection program, especially when that workforce is predominantly required to work from home. Whether employees are . . .
FickerStealer is a MaaS (Malware as a Service) stealer that is sold on hacking forums. Its main goal is to steal sensitive information cached by the user - specifically browser passwords - and . . .
AgentTesla is a .NET-based malware, commonly distributed as part of a malspam campaign. Use of AgentTesla soared in 2020, when it became a favorite of threat actors, who used it to achieve . . .
An unknown threat actor has been specifically targeting German companies and citizens for several months with advanced phishing-style attacks. As already reported at the end of last year in our . . .
Over the past few months, Minerva Labs’ research team has received multiple alerts of possibly malicious code-unpacking from an executable named FlashHelperService.exe. We decided to investigate . . .
Qbot (also known as Qakbot) is a notorious, widely spreading first-stage malware, which is usually spread via malspam campaigns. Targeted victims receive mail with a malicious attachment that when . . .
Over the past couple of months Minerva Labs’ research team has received multiple alerts of possibly malicious code-unpacking from an executable named FlashHelperService.exe. We decided to . . .