Threat analysis

ASyncRat surpasses Dridex, TrickBot and Emotet to become dominant email threat - A review of what's changed in malware in 2022, and what hasn't, based on Adam Kujawa's talk at RSAC 2022.

Threat analysis

ASyncRat surpasses Dridex, TrickBot and Emotet to become dominant email threat

June 9, 2022 - A review of what's changed in malware in 2022, and what hasn't, based on Adam Kujawa's talk at RSAC 2022.

Read more
Credential-stealing malware disguises itself as Telegram, targets social media users - Spyware.FFDroider is an information stealer that exfiltrates browser data in an attempt to steal credentials and valid session cookies.

Threat analysis

Credential-stealing malware disguises itself as Telegram, targets social media users

April 11, 2022 - Spyware.FFDroider is an information stealer that exfiltrates browser data in an attempt to steal credentials and valid session cookies.

Read more
Don’t let scammers ruin your Valentine’s Day - No matter the occasion, you can always count on scammers to show up.

Social engineering

Don’t let scammers ruin your Valentine’s Day

February 14, 2022 - No matter the occasion, you can always count on scammers to show up.

Read more
SolarWinds attackers launch new campaign - The Microsoft Threat Intelligence Center has issued a warning about new activities from Nobelium, the group behind SolarWinds, Sunburst, and related attacks.

Threat analysis

SolarWinds attackers launch new campaign

May 28, 2021 - The Microsoft Threat Intelligence Center has issued a warning about new activities from Nobelium, the group behind SolarWinds, Sunburst, and related attacks.

Read more
New steganography attack targets Azerbaijan - A lure document targeting Azerbaijan uses steganography to conceal a remote administration Trojan.

Threat analysis | Threat Intelligence

New steganography attack targets Azerbaijan

March 5, 2021 - A lure document targeting Azerbaijan uses steganography to conceal a remote administration Trojan.

Read more
Cleaning up after Emotet: the law enforcement file - Following global law enforcement action to take over the Emotet botnet, a special update is being sent to clean up infected machines.

Malware | Threat analysis | Threat Intelligence

Cleaning up after Emotet: the law enforcement file

January 29, 2021 - Following global law enforcement action to take over the Emotet botnet, a special update is being sent to clean up infected machines.

Read more
Retrohunting APT37: North Korean APT used VBA self decode technique to inject RokRat - A North Korean threat group has swapped the usual Hangul Office lures for a cleverly packed Office macro.

Social engineering | Threat analysis | Threat Intelligence

Retrohunting APT37: North Korean APT used VBA self decode technique to inject RokRat

January 6, 2021 - A North Korean threat group has swapped the usual Hangul Office lures for a cleverly packed Office macro.

Read more
SolarWinds advanced cyberattack: What happened and what to do now - Possibly the largest hacking operation of 2020 was just unveiled. In this blog we share what we know and what you should do right now.

Threat analysis | Threat Intelligence

SolarWinds advanced cyberattack: What happened and what to do now

December 14, 2020 - Possibly the largest hacking operation of 2020 was just unveiled. In this blog we share what we know and what you should do right now.

Read more
German users targeted with Gootkit banker or REvil ransomware - After a noted absence, the Gootkit banking Trojan returns en masse to hit Germany. In an interesting twist, some of the victims may receive ransomware instead.

Malware | Threat analysis | Threat Intelligence

German users targeted with Gootkit banker or REvil ransomware

November 30, 2020 - After a noted absence, the Gootkit banking Trojan returns en masse to hit Germany. In an interesting twist, some of the victims may receive ransomware instead.

Read more

Select your language