Results for "hasherezade"
October 6, 2020 - We discovered a new attack that injected its payload—dubbed "Kraken—into the Windows Error Reporting (WER) service as a defense evasion mechanism.
July 30, 2020 - We discovered a spam campaign distributing GuLoader in the aftermath of the service's relaunch
June 17, 2020 - A newly discovered APT spear-phishing attack implements several evasion techniques to drop Cobalt Strike toolkit.
December 3, 2019 - We take a deep dive into the IcedID Trojan, describing the new payloads of this advanced malware.
September 3, 2019 - TrickBot's latest feature allows it to tamper with the web sessions of users from Verizon, T-Mobile, and Sprint mobile carriers.
May 31, 2019 - The complex and sophisticated custom malware, Hidden Bee, is a Chinese cryptominer that recently released an updated sample. We unpack the sample to look at the functionality of its loader and compare it against earlier versions.
April 19, 2019 - Recently, one of our researchers presented at the SAS conference on "Funky malware formats"—atypical executable formats used by malware that are only loaded by proprietary loaders. In this post, we analyze one of those formats in a sample called Ocean Lotus from the APT 32 threat group in Vietnam.
April 9, 2019 - Baldr is a new stealer that is being actively developed and distributed. Will it be able to compete in this crowded arena?
February 26, 2019 - E-commerce sites are a hot commodity these days. We dig into how compromised PCs are helping to hack into them to inject skimmers, whether via vulnerabilities in the websites themselves or through a new malware we discovered gaining entry via brute force.
November 12, 2018 - TrickBot has been present in the threat landscape from quite a while. We wrote about its first version in October 2016. October 2018 marks end of the second year since TrickBot’s appearance. Possibly the authors decided to celebrate the anniversary by a makeover of some significant elements of the core. This post is an analysis of the updated obfuscation used by TrickBot’s main module.