We have often observed threat actors using legitimate software for dropping malicious files. This time however is different. This threat actor was able to leave most parts of the attack under the . . .
As one of the most debilitating and disruptive threats to ever exist in the Information Security landscape, ransomware and ransomware protection has been at the top of every enterprise security . . .
Every day we hear about the growing number of sophisticated ransomware groups, such as the infamous Conti, Khonsari and BlackCat. These groups usually exfiltrate and encrypt their victims’ data (a . . .
Endpoint Detection and Response systems (EDRs) promise to protect the endpoints of your IT systems against malware, ransomware, and other types of malicious code. As a result, companies of all . . .
Minerva Prevention Platform helps Incident Response team gain control over ongoing Ransomware attack
Earlier this week, an Incident Response (IR) company was called in by a new customer that was experiencing a ransomware attack which they were unable to control.
They promptly deployed the Minerva . . .
The StrongPity actor group has been around since 2012 and employs the same tactics, namely adding backdoors to legitimate software used by specific users, a technique also known as water holing. . . .
Arkei is an information-stealer, distributed as a malware as a service (MAAS). It collects sensitive information such as application passwords, credit card information, web browser cookies and can . . .
A new phishing campaign delivers a Qakbot (also known as Qbot or Quakbot), using DatopLoader(aka Squirrelwaffle).
MirrorBlast malware is a trojan that is known for attacking users’ browsers. It usually pretends to be a legitimate browser add-on however it has now evolved additional capabilities, whereby other . . .
Trickbot malware has been with us since 2016. It started as a banking trojan, targeting financial services and users to steal banking data. However, over the years, it has evolved into . . .
Vidar Stealer is not new to our world. It is known for stealing sensitive information such as banking details, IP addresses, saved passwords, browser history, login credentials, and recently, . . .
Jupyter Stealer is an evolving info stealer that is commonly spread using backdoored installations. We have recently encountered a new and improved version of this malware, which allows its . . .
