LMNTRIX® LABS

1 Pandemic, 3 Threat Groups, 1 New Ransomware And A Vulnerability, What Do You Get? A Recipe For A Great Hack! (June 5, 2024)
Crib Notes: Crysis – Ransomware with a dash of political mockery (August 27, 2024)
Analysis of Malware Sample – Proforma Invoice (August 27, 2024)
CRIB NOTES: Dridex – creeping credential stealer (August 27, 2024)
Hi-ho, hi-ho your ICS may be mining Monero (August 27, 2024)
Samba vulnerability lets attackers tap dance on servers and waltz through networks – can also do the worm (August 27, 2024)
UPDATE: Shadow Brokers Now Accepting Payment in Monero for Release of Zero-day Exploits (August 27, 2024)
This ain’t no disco – Fireball malware corrupts 250 million users (August 29, 2024)
Cockroaches and ZeroAccess Trojan will be the only things to survive an Apocalypse (August 29, 2024)
JAFF Ransomware – one more blossom in ‘Ransomware Spring’ (August 29, 2024)
Crib Notes: RIG exploit kit – derigged? (August 29, 2024)
Twitter Breached Again? Donald Trump Account Revealed? (August 29, 2024)
A (Data)Drop In The Ocean – DigitalOcean Hacked? Exposing Bollywood Stars? (August 30, 2024)
The Rat Is Back — Our Latest njRat sample analysis (August 30, 2024)
Crib Notes: Hancitor downloader – word doc takes your computer, hands it o’er to hackers (August 30, 2024)
Virus Total Delivers Clean Result For Malicious PDF file (August 30, 2024)
New Ransomware RaaSberry has The Customer Service Built-In (August 30, 2024)
Banking malware hidden in malicious Excel spreadsheets (August 30, 2024)
NSA Exploit EternalSynergy Modified to Target Newer Windows Versions (August 31, 2024)
Tears for fears: Dcry ransomware makes you want to shout, shout, let it all out (August 31, 2024)
Is Ghosthook helping spooks spook? (August 31, 2024)
Analysis of Lokibot Campaign (September 22, 2024)
Analysis of a recent SmokeLoader Campaign (September 22, 2024)
Dissecting a Powershell based Cobalt Strike Campaign (September 22, 2024)
Analysis of HTA NetSupport Campaign (September 24, 2024)
CVE-2017-8570 Remote Code Execution Vulnerability (September 24, 2024)
Analysis of XWorm RAT Campaign (September 24, 2024)
Analysis of Conti OST Ransomware Campaign (September 24, 2024)
Analysis of new wave of Agent Tesla Macro XLS – Part 4 (September 24, 2024)
Analysis of Exploit CVE-2017-0199 Campaign (September 24, 2024)
Analysis of Blind Eagle Campaign (September 24, 2024)
Analysis of Iced ID campaign – Part 2 (September 24, 2024)
Analysis of Quasar RAT Campaign – Part II (September 24, 2024)
Analysis of Snake Keylogger (September 24, 2024)
Analysis of Revenge RAT Campaign (September 24, 2024)
Analysis of QakBot PDF Campaign (September 24, 2024)
Analysis of STRRAT Campaign (September 24, 2024)
Analysis of Coin Miner Malware (September 24, 2024)
Analysis of JS Agent Tesla – Part 3 (September 25, 2024)
Analysis of Async RAT Campaign (September 25, 2024)
Analysis of New wave of .PPAM Agent Tesla – Part 2 (September 25, 2024)
Instant Karma: Facebook password stealer app drops Remote Access Trojan (September 25, 2024)
Analysis of Cobalt Strike Beacon, The Perilous Intersection of Every Wrong Turn (September 25, 2024)
WINDOWS ADMINS, DISABLE “Windows Search” NOW! (September 25, 2024)
Analysis of New wave of .XLA Agent Tesla – Part 1 (September 25, 2024)
Analysis of Quasar RAT Campaign – Part I (September 25, 2024)
Analysis of Remcos RAT Campaign – Part 2 (September 25, 2024)
Ransomware double-dip: is the same group behind the recent Nemucod and Globeimposter campaigns? (September 25, 2024)
LMNTRIX vs Lorenz Ransomware (September 25, 2024)
Analysis of new wave of QakBot (2023) (September 25, 2024)
Analysis of New Wave of Iced ID malware (September 25, 2024)
Analysis of HTML Phishing Campaign (September 25, 2024)
Analysis of new wave of Qakbot Campaign (September 25, 2024)
Smokeloader – After a decade of damage and mayhem (September 25, 2024)
Analysis of the new wave of CVE-2017-0199 Exploit Campaign (September 25, 2024)
Analysis of JAR Adwind Campaign (September 25, 2024)
Analysis of Remcos JS Campaign (September 25, 2024)
Analysis of New Wave Bumblebee XLSM Campaign (September 25, 2024)
Analysis of VBS LokiBot Campaign (September 25, 2024)
Analysis of Netwire RAT (September 25, 2024)
BumbleBee Loader Analysis (September 25, 2024)
Analysis of IcedID campaign (September 25, 2024)
Analysis of APT19 Campaign (September 25, 2024)
Analysis of Qakbot Malware (September 25, 2024)
How to Slow Down the Blackbyte Ransomware (September 25, 2024)
Analysis of ISFB Campaign (September 25, 2024)
DoNot APT team has updated their malicious toolset (September 25, 2024)
Technical Analysis – Loki Bot Malware Campaign (September 25, 2024)
Analysis of Remcos RAT Campaign – Part 1 (September 25, 2024)
MSDT – Dogwalk Exploited In the Wild (September 25, 2024)
Active Directory Penetration Dojo – SPN Tickets and Kerberoasting (September 25, 2024)
Active Directory Penetration Dojo – AD Environment Enumeration (September 25, 2024)
Active Directory Penetration Dojo – Creation of Forest Trust (Part 3) (September 25, 2024)
Active Directory Penetration Dojo – Setup of AD Penetration Lab (Part 2) (September 25, 2024)
Active Directory Penetration Dojo – Setup of AD Penetration Lab (Part 1) (September 25, 2024)
Babuk Ransomware Linux Variant Analysis (September 25, 2024)
The REvil Ransomware Rampage. Kaseya under attack!! (September 25, 2024)
CL0P Ransomware Gang Leaks NSW Transport Data On The Dark Web (September 25, 2024)
PROMETHIUM (StrongPity/APT C-41) an element no match for LMNTRIX (September 25, 2024)
Red Teaming: Phishing 101 (September 25, 2024)
Golang Based Malware – a new trend (September 25, 2024)
Under the hood of a phishing campaign (September 25, 2024)
And now for my next trick… Highly crafted banking email hiding TrickBot trojan (September 25, 2024)
LMNTRX vs Egregor Ransomware (September 25, 2024)
Spora ransomware returns with Russia in its sights (September 25, 2024)
Do the twist: Vortex ransomware spins and scrambles victim data (September 25, 2024)
WinAPI, Excel 4.0 Macros and Red Team Phishing (September 25, 2024)
If there’s an app for it, there’s a hack for it (September 25, 2024)
Crib Notes: APT28 – a group so fancy, I can’t bear it. (September 25, 2024)
LMNTRIX Labs: Hiding in Plain sight with Reflective Injection and Domain Fronting (September 25, 2024)
Dark web delinquents selling Windows 10 zero-day (September 25, 2024)
Attackers enslave CPU resources, set them to cryptocurrency mining (September 25, 2024)
Emotet: The Terror Returns (September 25, 2024)
Locky emerges out of hibernation, hits 20 million mailboxes (September 25, 2024)
LMNTRIX LABS: Phishing campaigns impersonating Australian Government & Financial Services (September 25, 2024)
Cyron: The latest player in the ransomware game (September 25, 2024)
Phishing campaign timed to take advantage of Apple frenzy (September 25, 2024)
LMNTRIX LABS THREAT DISCOVERY: CONTI RANSOMWARE (September 25, 2024)
Nuclear – the radioactive ransomware (September 25, 2024)
ICS Attacks on Nuclear Facilities: A Cause for Alarm (September 25, 2024)
Karo ransomware is bad for your health (September 25, 2024)
You get a RAT, you get a RAT, and you get a RAT! NanoCore RAT offered for free on Dark Web (September 25, 2024)
Coinhive: The script stealing your memory (September 25, 2024)
Detecting CVE-2019-0708 “BlueKeep” Attacks with LMNTRIX Hunt (September 25, 2024)
Taking Pony malware for a ride (September 25, 2024)
Threat Advisory: BadRabbit Ransomware (September 25, 2024)
Russians behind PredatorThief malware-as-a-service keep customers happy with regular updates (September 25, 2024)
SpyBanker Downloader – congratulations, you just pwned yourself (September 25, 2024)
Valyrian Trojan – a cut above the rest (September 25, 2024)
URSNIF sniffs out and hijacks emails thread (September 25, 2024)
Nefarious Nigerians Pedalling PowerShell Pwnage (September 25, 2024)
Vigorf Malware Intercepting Facebook and Banking Traffic (September 25, 2024)
Shade ransomware returns to throw shade at authorities (September 25, 2024)
Chinese waRAT give attackers full control of compromised machines (September 25, 2024)
LMNTRIX LABS ADVISORY: Windows ASLR workarounds (September 25, 2024)
PowerShell, Critical Infrastructure and Emotet trojans to take centre stage in 2019 (September 25, 2024)
ZeuS’ grandson Atmos picks up the family trade (September 25, 2024)
As Nanocore’s creator awaits sentencing, lets unpack his handiwork (September 25, 2024)
How to save your files from Hitler ransomware (September 25, 2024)
Malware targeting CVE-2017-11882 caught in the wild (September 25, 2024)
Hackers impersonate tax office to scam Indian workers (September 25, 2024)
Powershell Monero Miner tunnelling under traditional anti-virus (September 25, 2024)
Spider ransomware dusts itself off and continues crawling (September 25, 2024)
Lifting the veil on IcedID’s go to market strategy (September 25, 2024)
¯\_(ツ)_/¯ – hit by Shrug Ransomware? Here’s how to decrypt without paying (September 25, 2024)
Scarab sets a new standard for rapid fire ransomware (September 25, 2024)
GandCrab ransomware scuttles files, demands TOR download to retrieve files (September 25, 2024)
Blouiroet malware masquerading as a miner (September 25, 2024)
Behind the veil – GandCrab Ransomware Partner Program (September 25, 2024)
Rapid Ransomware stumbles at the first hurdle (September 25, 2024)
Special Ear – the Chinese trojan lifting keystrokes and credentials (September 25, 2024)
AutoIT Trojan – the swiss army knife of malware (September 25, 2024)
Kryptik malware collecting college cash (September 25, 2024)
LMNTRIX Labs Spots North Korean Hermes 2.1 Ransomware in the US (September 25, 2024)
Crib Notes: Hidden Cobra – North Korea’s snake in the grass (September 25, 2024)
Kaspersky web portal vulnerabilities left users open to session hijacking and brute force attacks (September 25, 2024)
Threat Advisory: Adobe Flash Player Multiple Vulnerabilities exploited in the wild (September 25, 2024)
New Coin Miner Malware Bashes The Unsuspecting (September 25, 2024)
Tron Ransomware – Infecting only Non-Russian Victims! (September 25, 2024)
SpriteCoin: who needs phishing when crypto-hype makes the perfect bait? (September 25, 2024)
HiddenTear Proliferates. Is this part of a Open-Source trend that will make the whole world cry? (September 25, 2024)
Ursnif – the ‘Mr Worldwide’ of banking trojans (September 25, 2024)
Hijacked Mailchimp accounts slinging Gootkit trojan (September 25, 2024)
If vendors spent less on marketing and more on capability, our job would be a lot harder (September 25, 2024)
Threat Intel Update (September 25, 2024)
PETYA/PetWrap Ransomware with logical Kill switch:- Threat Intel Update (October 13, 2024)
The Grinch is now stealing Christmas with festive ransomware (October 15, 2024)
Analysis Of Redline Infostealer Campaign (October 19, 2024)
Analysis Of Azorult Campaign (November 7, 2024)
Disabling and Removing Browser Extensions can Prevent Unwanted Security Headaches (May 28, 2025)
The Growing Threat of Malicious Browser Notifications (June 14, 2025)