Recently, we have seen a spike in events associated with Taurus stealer. The individual/s developing this threat have been actively improving the evasiveness of their loader since February 2021, . . .
FickerStealer is a MaaS (Malware as a Service) stealer that is sold on hacking forums. Its main goal is to steal sensitive information cached by the user - specifically browser passwords - and . . .
AgentTesla is a .NET based malware, commonly distributed as part of a malspam campaign. Use of AgentTesla soared in 2020, when it became a favorite of threat actors, which used it to achieve . . .
An unknown threat actor have been specifically targeting German companies and citizens for several months with advanced phishing-style attacks. As already reported at the end of last year in our . . .
Over the past few months, Minerva Labs’ research team has received multiple alerts of possibly malicious code-unpacking from an executable named FlashHelperService.exe. We decided to investigate . . .
Qbot (also known as Qakbot) is a notorious, widely spreading first stage malware, which is usually spread via malspam campaigns. Targeted victims receive mail with a malicious attachment that when . . .
Over the past couple of months Minerva Labs’ research team has received multiple alerts of possibly malicious code-unpacking from an executable named FlashHelperService.exe. We decided to . . .
As we turn the corner and begin 2021 (not a moment too soon) many people are breathing a sigh of relief, but security experts are still holding their breath. 2020 was a bumper year for ransomware . . .
The Minerva Labs Research team has recently encountered a resurgence in Rig exploit kit. This infamous exploit kit has been reportedly used by threat actors since 2015 (as reported by Trustwave). . . .
Injection Attacks Thwarted Since August; The Minerva Approach Proves Itself Once Again
Minerva Labs conducted a thorough review of the cybersecurity threat exposed by SolarWinds breach. Our . . .
BuerLoader is a stealthy implant, which is frequently used by attackers as an initial foothold in organizations. The malware’s common method of infection is by phishing mails, which contain a . . .
Fake installers are on the rise, and it is not a coincidence. This opportunistic method of infection is getting increasingly popular because of the ease of creating new and obfuscated payloads . . .
