Analysis of the new wave of CVE-2017-0199 Exploit Campaign
What's the CVE-2017-0199 Exploit? The way Microsoft Office and WordPad parse specially crafted files results in a remote code execution vulnerability. An attacker who successfully...
1 Pandemic, 3 Threat Groups, 1 new Ransomware and a Vulnerability, what do you get? A recipe for a great hack!
April 20, 2020
Introduction: As the world plunges into the pandemic chaos, cyber attackers show little or no remorse on attacking enterprises, hospitals, and critical infrastructures using sophisticated techniques. FBI has warned against the rise of cyber attacks across the globe taking advantage of the crisis. One such sophisticated technique is to exploit the vendors product vulnerability in […]
Analysis of JAR Adwind Campaign
Adwind RAT (Remote Access Trojan) is a cross-platform, multi-functional remote access program which is distributed through a single malware-as-a-service platform. One of the main features that...
Analysis of Remcos JS Campaign
Remcos is a remote access trojan malware which is used to take remote control over infected PCs. Once Remcos RAT infects the system, a threat actor has the ability to execute remote commands on...
Analysis of VBS LokiBot Campaign
This article introduces the latest wave of VBS LokiBot campaign, and it's subsequent analysis. One of the most prevalent malware families that the LMNTRIX CDC has recently seen is called LokiBot....
Analysis of Netwire RAT
The NetWire RAT is malicious remote access trojan that emerged in the wild in 2012. This multi-platform malware was developed by World Wired Labs, and the program has since undergone several...
BumbleBee Loader Analysis
BumbleBee malware uses the DLLs to execute or inject payloads into a process from a hardcoded list after saving them to disc. Data structured as JSON and encrypted using RC4 is sent back and...
Analysis of IcedID campaign
IcedID is a banking trojan malware that allows attackers to steal victims' banking credentials. IcedID, also known as BokBot, primarily targets businesses in order to steal payment information. It...
Analysis of APT19 Campaign
APT19 is a threat group based out of China, they have targeted a variety of industries, including defense, finance, energy, pharmaceutical, telecommunications, high tech, education,...
Analysis of Qakbot Malware
QakBot, aka QBot, QuakBot or Pinkslipbot, is a banking trojan malware that has existed for over a decade. The main purpose of Qbot is to steal banking credentials and other financial information...
How to Slow Down the Blackbyte Ransomware
Since July 2021, numerous US, European, and Australian intrusions have been attributed to the BlackByte ransomware group. Attacks have been launched against manufacturing companies, financial...
Loading...