Minerva Labs Blog

Minerva’s solution augments antivirus or EPP solutions without interfering or overlapping with their functionality.

All of Minerva customers are fully protected from this campaign as from many other Office vulnerabilities even if their systems were not patched yet – regardless of their Office Suite version and

The “never get gifts from strangers” rule applies for suspicious email attachments as well as enterprises and SMBs alike educate their employees about the dangers lurking in cyberspace.

Malware authors work rigorously to ensure their creations will go undetected by security defenses. Though some adversaries engage in their own hands-on testing, many of them turn to third-party

How can we turn discussions about the vague notion of fileless attacks into constructive, specific conversations?

The notion of fileless attacks describes incidents where adversaries avoid writing malicious code to disk, aiming to operate solely in memory and abuse features of applications and the OS.

What drives two endpoint security vendors to work together? The recognition that customers will benefit from the unique advantages of each company’s technologies.

Investigating a suspicious security event on the endpoint and responding to a possible infection can be stressful and time-consuming. Was it a false alarm? Did the threat succeed at penetrating

CoffeeShot is an evasion framework that injects payload from Java-based programs into designated processes on Microsoft Windows.

Microsoft’s built-in and commercial technologies offer an EPP-like solution that can be attractive for organizations but can also create confusion and overlapping of features. 

Microsoft includes “Windows Defender” in names of several security capabilities that the company provides. In discussions with Minerva Labs customers and partners I’ve witnessed frequent confusion

Following the leak of an enhanced Buhtrap malware source code, Minerva’s research team released a summary of its highlights, sharing their insights about this threat and the aftermath of the leak.