Results for "hasherezade"

October 6, 2020 - We discovered a new attack that injected its payload—dubbed "Kraken—into the Windows Error Reporting (WER) service as a defense evasion mechanism.

CONTINUE READING No Comments

July 30, 2020 - We discovered a spam campaign distributing GuLoader in the aftermath of the service's relaunch

CONTINUE READING No Comments

June 17, 2020 - A newly discovered APT spear-phishing attack implements several evasion techniques to drop Cobalt Strike toolkit.

CONTINUE READING No Comments

December 3, 2019 - We take a deep dive into the IcedID Trojan, describing the new payloads of this advanced malware.

CONTINUE READING No Comments

September 3, 2019 - TrickBot's latest feature allows it to tamper with the web sessions of users from Verizon, T-Mobile, and Sprint mobile carriers.

CONTINUE READING No Comments

May 31, 2019 - The complex and sophisticated custom malware, Hidden Bee, is a Chinese cryptominer that recently released an updated sample. We unpack the sample to look at the functionality of its loader and compare it against earlier versions.

CONTINUE READING No Comments

April 19, 2019 - Recently, one of our researchers presented at the SAS conference on "Funky malware formats"—atypical executable formats used by malware that are only loaded by proprietary loaders. In this post, we analyze one of those formats in a sample called Ocean Lotus from the APT 32 threat group in Vietnam.

CONTINUE READING No Comments

April 9, 2019 - Baldr is a new stealer that is being actively developed and distributed. Will it be able to compete in this crowded arena?

CONTINUE READING No Comments

February 26, 2019 - E-commerce sites are a hot commodity these days. We dig into how compromised PCs are helping to hack into them to inject skimmers, whether via vulnerabilities in the websites themselves or through a new malware we discovered gaining entry via brute force.

CONTINUE READING No Comments

November 12, 2018 - TrickBot has been present in the threat landscape from quite a while. We wrote about its first version in October 2016. October 2018 marks end of the second year since TrickBot’s appearance. Possibly the authors decided to celebrate the anniversary by a makeover of some significant elements of the core. This post is an analysis of the updated obfuscation used by TrickBot’s main module.

CONTINUE READING No Comments

Select your language