October 5, 2018 - In part two of this series on fileless malware, our malware analyst walks readers through two demonstrations of fileless malware attacks and shows the problems with detecting them using static signatures.
September 26, 2018 - A threat actor implements a newer vulnerability exploited in Internet Explorer to serve up the Quasar RAT and diversify the portfolio of attacks.
September 20, 2018 - Thousands of WordPress sites have been injected with the same malicious redirection. We review the infection details and the malicious traffic leading to browser lockers.
September 7, 2018 - There are several apps in the Mac App Store that are collecting data about users that they should not be collecting. Here's what you need to know.
August 30, 2018 - When we recently analyzed payloads related to Hidden Bee (dropped by the Underminer EK), we noticed something unusual. After reversing the malware, we discovered that its authors actually created their own executable format. Follow our step-by-step analysis for a closer look.
August 29, 2018 - In this series of articles, we provide an in-depth discussion of fileless malware and its related attacks. In part one, we give a brief overview of the problems with and general features of fileless malware, laying the groundwork for technical analysis of various samples employing fileless and semi-fileless methods.
August 13, 2018 - Process Doppelgänging, a rare technique of impersonating a process, was discovered last year, but hasn't been seen much in the wild since. It was an interesting surprise, then, to discover its use mixed in with Process Hollowing, yet another technique, in a dropper for the Osiris banking Trojan.
August 7, 2018 - Just like the beach, the EK landscape got a little crowded this summer. Find out what we discovered in our exploit kits summer review.
July 26, 2018 - Threat actors switch to the Hidden Bee miner as a payload for this unusual and complex drive-by download campaign.
July 24, 2018 - A new variant of the Mac malware Proton, which was rampant on macOS last year, has been found that dates back at least two years. Learn how this could still affect your Mac today.