Rare UEFI Malware Found in the wild Kaspersky says
By Mark Lechtik, Igor Kuznetsov, Yury Parshin
Part II. Technical details (PDF)
UEFI (or Unified Extensible Firmware Interface) has become a prominent technology that is embedded within designated chips on modern day computer systems....
How the Trickbot C2 uses rDNS to disguise as a legitimate Australian government service
By Gabor Szathmari
One interesting offshoot of researching .gov.au websites running outside Australia was an odd service running from Russia. How the Service NSW – a website offering government services online – ended...
An In Depth Look At APT DeathStalker
By Ivan Kwiatkowski, Pierre Delcher, Maher Yamout on August 24, 2020. 10:00 am
State-sponsored threat actors and sophisticated attacks are often in the spotlight. Indeed, their innovative techniques, advanced malware platforms and 0-day exploit chains...
IcedID Malware Updates new techniques To Avoid Detection
by Paul Kimayong
In our previous blog about IcedID, we explored some of the changes in the malware and how it tries to evade detection. We also detailed how threat actors took advantage...
The Evil Corp Groups New Ransomware WastedLocker
New Ransomware Developed By Evil Corp Attempts To Bypass Crowdstrike and is encrypted by a private crypter.
Stefano Antenucci
June 23, 2020 22 Minutes
Authors: Nikolaos Pantazopoulos, Stefano Antenucci (@Antelox) and Michael Sandee
1. Introduction
WastedLocker is a new ransomware...
A New RAT That is Controlled Via HTTP Status Commands
A new version of COMpfun remote access trojan (RAT) has been discovered in the wild that uses HTTP status codes to control compromised systems targeted in a recent campaign...
New Info Stealer Poulight From The Russian Underground
Poulight Stealer, a new Comprehensive Data Stealer from Russia
Introduction
Nowadays, info-stealers are one of the most common threats. This category of malware includes famous malware like Azorult, Agent Tesla, and Hawkeye. The infostealer...