
Minerva Labs Blog

Malicious Telegram Installer Drops Purple Fox Rootkit

We have often observed threat actors using legitimate software for dropping malicious files. This time, however, is different. This threat actor was able to leave most parts of the attack under the . . .

 

2021 Was the Year Ransomware Protection Accelerated Enterprise Security Maturity

As one of the most debilitating and disruptive threats to ever exist in the Information Security landscape, ransomware and ransomware protection have been at the top of every enterprise security . . .

 

Meet the TimeTime ransomware - the ransomware that asks for €100 via PaySafeCard

Every day we hear about the growing number of sophisticated ransomware groups, such as the infamous Conti, Khonsari and BlackCat. These groups usually exfiltrate and encrypt their victims’ data (a . . .

 

Why do companies with EDRs and XDRs still experience Ransomware Attacks?

Endpoint Detection and Response systems (EDRs) promise to protect the endpoints of your IT systems against malware, ransomware, and other types of malicious code. As a result, companies of all . . .

 

Minerva Prevention Platform helps Incident Response team gain control over ongoing Ransomware attack

Earlier this week, an Incident Response (IR) company was called in by a new customer that was experiencing a ransomware attack which they were unable to control.

They promptly deployed the Minerva . . .

 

A new StrongPity variant hides behind Notepad++ installation

The StrongPity actor group has been around since 2012 and employs the same tactics, namely adding backdoors to legitimate software used by specific users, a technique also known as water holing. . . .

 

A Long List Of Arkei Stealer's Crypto Browser Wallets

Arkei is an information stealer distributed as malware-as-a-service (MaaS). It collects sensitive information such as application passwords, credit card information, web browser cookies and can . . .

 

A New DatopLoader Delivers QakBot Trojan

A new phishing campaign delivers Qakbot (also known as Qbot or Quakbot) using DatopLoader (aka Squirrelwaffle).

 

New MirrorBlast Malware Phishing Campaign Using Rebol-View Software

MirrorBlast malware is a trojan that is known for attacking users’ browsers. It usually pretends to be a legitimate browser add-on; however, it has now evolved additional capabilities, whereby other . . .

 

Two Trickbot gang members arrested, but their malware is still spreading

Trickbot malware has been with us since 2016. It started as a banking trojan, targeting financial services and users to steal banking data. However, over the years, it has evolved into . . .

 

Vidar Stealer Evasion Arsenal

Vidar Stealer is not new to our world. It is known for stealing sensitive information such as banking details, IP addresses, saved passwords, browser history, login credentials, and recently, . . .

 

Thwarting Jupyter Stealer

Jupyter Stealer is an evolving info stealer that is commonly spread using backdoored installations. We have recently encountered a new and improved version of this malware, which allows its . . .

 