May 31, 2019 - The complex and sophisticated custom malware, Hidden Bee, is a Chinese cryptominer that recently released an updated sample. We unpack the sample to look at the functionality of its loader and compare it against earlier versions.
May 24, 2019 - PACS servers are often used to store and transmit patient data. But how is their security implemented? We take a look at case of how poor setup can easily lead to data leaks.
May 15, 2019 - CrySIS, aka Dharma, is a ransomware family making waves over the last two months, often being used in targeted attacks through RDP access. What other tricks are up its sleeve?
May 14, 2019 - In this edition, we review active and unique exploit kits hitting consumers and businesses over the spring season.
April 19, 2019 - Recently, one of our researchers presented at the SAS conference on "Funky malware formats"—atypical executable formats used by malware that are only loaded by proprietary loaders. In this post, we analyze one of those formats in a sample called Ocean Lotus from the APT 32 threat group in Vietnam.
April 9, 2019 - Baldr is a new stealer that is being actively developed and distributed. Will it be able to compete in this crowded arena?
March 26, 2019 - The latest round of vulnerable WordPress plugins leads to an active traffic monetization campaign via hacked websites.
March 12, 2019 - Lazarus Group, the threat actors likely behind the Sony breach and WannaCry outbreak, are in the news again. Here's what you need to know about this North Korean organization, and what you should do to protect against such nation-state attacks.
March 6, 2019 - Troldesh is ransomware that relies heavily on user interaction. Nevertheless, a recent spike in detections shows it's been successful against businesses in the first few months of 2019.
February 26, 2019 - E-commerce sites are a hot commodity these days. We dig into how compromised PCs are helping to hack into them to inject skimmers, whether via vulnerabilities in the websites themselves or through a new malware we discovered gaining entry via brute force.