A new wave of NOBELIUM attacks has been reported by Microsoft. NOBELIUM is the same threat actor Microsoft attributed the SolarWinds attack to, a Russian-based group attacking mostly US-based . . .
Trapping A Fat Quasar RAT
How would you go about evading a state-of-the-art sandbox? The most straightforward way would be to test your malware versus the industry’s top vendors. A sample we encountered in January 2021 has . . .
Rigging a Windows Installation
It is common knowledge that pirated software might contain malware, yet millions still put themselves and their devices at risk and download from dubious sources. It is even more surprising to see . . .
RedLine Stealer Masquerades as Telegram Installer
Stealers are pieces of malicious code written with a hit-and-run mentality - their main purpose is to find anything of value on an infected device and exfiltrate it back to its operator. The common . . .
Updated Hancitor Malware Slings Cobalt Strike
A report by Unit 42 uncovered recent malicious activity by TA511. The threat actor added Cobalt Strike to its repertoire, which is used in Active Directory environments. Initial foothold of TA511 is . . .
The Small Business Owners' Guide to Ransomware Protection
The year 2020 saw a huge increase in ransomware attacks with ransom payments estimated to total nearly $350 million. Small and Medium Businesses (SMBs) continue to receive a rising percentage of . . .
IcedID - A New Threat In Office Attachments
IcedID is somewhat of a veteran in the MaaS industry, being actively developed and distributed since 2017. The malware-as-a-service, also called Bokbot, has been in extensive use in the last couple . . .
Investigating Resurgent Purple Fox
Purple Fox is a veteran malware-as-a-service campaign which, until recently, infected devices through its exploit kit capabilities, spreading through vulnerable Microsoft Internet Explorer instances. . . .
Taurus Stealer's Evolution
Recently, we have seen a spike in events associated with Taurus stealer. The individual/s developing this threat have been actively improving the evasiveness of their loader since February 2021, . . .
The Next Big Thing in Educating Your Remote Workforce On Staying Safe From Ransomware
An educated workforce should always be a vital part of your cybersecurity protection program, especially when that workforce is predominantly required to work from home. Whether employees are using . . .
Minerva Vs FickerStealer
FickerStealer is a MaaS (Malware as a Service) stealer that is sold on hacking forums. Its main goal is to steal sensitive information cached by the user - specifically browser passwords - and send . . .
Preventing AgentTesla Infiltration
AgentTesla is a .NET-based malware, commonly distributed as part of a malspam campaign. Use of AgentTesla soared in 2020, when it became a favorite of threat actors, who used it to achieve initial . . .