Threat analysis

Fake jquery campaign leads to malvertising and ad fraud schemes - We look for answers in a long-running and yet mysterious malware campaign that has compromised thousands of websites to date.

Threat analysis

Fake jquery campaign leads to malvertising and ad fraud schemes

June 27, 2019 - We look for answers in a long-running and yet mysterious malware campaign that has compromised thousands of websites to date.

Read more
GreenFlash Sundown exploit kit expands via large malvertising campaign - The GreenFlash exploit kit, which we typically saw targeting South Korean users, reaches globally with a large malvertising campaign via a popular website.

Threat analysis

GreenFlash Sundown exploit kit expands via large malvertising campaign

June 26, 2019 - The GreenFlash exploit kit, which we typically saw targeting South Korean users, reaches globally with a large malvertising campaign via a popular website.

Read more
Magecart skimmers found on Amazon CloudFront CDN - Not all breaches on Content Delivery Networks (CDNs) result in supply-chain attacks, yet, they are often a forgotten entry point for attackers to slip in malicious code, such as web skimmers.

Threat analysis

Magecart skimmers found on Amazon CloudFront CDN

June 4, 2019 - Not all breaches on Content Delivery Networks (CDNs) result in supply-chain attacks, yet, they are often a forgotten entry point for attackers to slip in malicious code, such as web skimmers.

Read more
Hidden Bee: Let’s go down the rabbit hole - The complex and sophisticated custom malware, Hidden Bee, is a Chinese cryptominer that recently released an updated sample. We unpack the sample to look at the functionality of its loader and compare it against earlier versions.

Threat analysis

Hidden Bee: Let’s go down the rabbit hole

May 31, 2019 - The complex and sophisticated custom malware, Hidden Bee, is a Chinese cryptominer that recently released an updated sample. We unpack the sample to look at the functionality of its loader and compare it against earlier versions.

Read more
Medical industry struggles with PACS data leaks - PACS servers are often used to store and transmit patient data. But how is their security implemented? We take a look at case of how poor setup can easily lead to data leaks.

Threat analysis

Medical industry struggles with PACS data leaks

May 24, 2019 - PACS servers are often used to store and transmit patient data. But how is their security implemented? We take a look at case of how poor setup can easily lead to data leaks.

Read more
Threat spotlight: CrySIS, aka Dharma ransomware, causing a crisis for businesses - CrySIS, aka Dharma, is a ransomware family making waves over the last two months, often being used in targeted attacks through RDP access. What other tricks are up its sleeve?

Malware | Threat analysis

Threat spotlight: CrySIS, aka Dharma ransomware, causing a crisis for businesses

May 15, 2019 - CrySIS, aka Dharma, is a ransomware family making waves over the last two months, often being used in targeted attacks through RDP access. What other tricks are up its sleeve?

Read more
Exploit kits: spring 2019 review - In this edition, we review active and unique exploit kits hitting consumers and businesses over the spring season.

Exploits | Threat analysis

Exploit kits: spring 2019 review

May 14, 2019 - In this edition, we review active and unique exploit kits hitting consumers and businesses over the spring season.

Read more
“Funky malware format” found in Ocean Lotus sample - Recently, one of our researchers presented at the SAS conference on

Malware | Threat analysis

“Funky malware format” found in Ocean Lotus sample

April 19, 2019 - Recently, one of our researchers presented at the SAS conference on "Funky malware formats"—atypical executable formats used by malware that are only loaded by proprietary loaders. In this post, we analyze one of those formats in a sample called Ocean Lotus from the APT 32 threat group in Vietnam.

Read more
Say hello to Baldr, a new stealer on the market - Baldr is a new stealer that is being actively developed and distributed. Will it be able to compete in this crowded arena?

Criminals | Threat analysis

Say hello to Baldr, a new stealer on the market

April 9, 2019 - Baldr is a new stealer that is being actively developed and distributed. Will it be able to compete in this crowded arena?

Read more

Select your language