Analysis of the new wave of CVE-2017-0199 Exploit Campaign
What's the CVE-2017-0199 Exploit? The way Microsoft Office and WordPad parse specially crafted files results in a remote code execution vulnerability. An attacker who successfully...
Introduction: As the world plunges into the pandemic chaos, cyber attackers show little or no remorse in attacking enterprises, hospitals, and critical infrastructure using sophisticated techniques. The FBI has warned of the rise in cyber attacks across the globe taking advantage of the crisis. One such sophisticated technique is to exploit the vendor's product vulnerability in […]
Adwind RAT (Remote Access Trojan) is a cross-platform, multi-functional remote access program which is distributed through a single malware-as-a-service platform. One of the main features that...
Remcos is a remote access trojan malware which is used to take remote control over infected PCs. Once Remcos RAT infects the system, a threat actor has the ability to execute remote commands on...
This article introduces the latest wave of the VBS LokiBot campaign and its subsequent analysis. One of the most prevalent malware families that the LMNTRIX CDC has recently seen is called LokiBot....
The NetWire RAT is a malicious remote access trojan that emerged in the wild in 2012. This multi-platform malware was developed by World Wired Labs, and the program has since undergone several...
BumbleBee malware uses the DLLs to execute or inject payloads into a process from a hardcoded list after saving them to disk. Data structured as JSON and encrypted using RC4 is sent back and...
IcedID is a banking trojan malware that allows attackers to steal victims' banking credentials. IcedID, also known as BokBot, primarily targets businesses in order to steal payment information. It...
APT19 is a threat group based out of China that has targeted a variety of industries, including defense, finance, energy, pharmaceutical, telecommunications, high tech, education,...
QakBot, aka QBot, QuakBot or Pinkslipbot, is a banking trojan malware that has existed for over a decade. The main purpose of Qbot is to steal banking credentials and other financial information...
Since July 2021, numerous US, European, and Australian intrusions have been attributed to the BlackByte ransomware group. Attacks have been launched against manufacturing companies, financial...