A New RAT That is Controlled Via HTTP Status Commands
A new version of COMpfun remote access trojan (RAT) has been discovered in the wild that uses HTTP status codes to control compromised systems targeted in a recent campaign...
New Info Stealer Poulight From The Russian Underground
Poulight Stealer, a new Comprehensive Data Stealer from Russia
Introduction
Nowadays, info-stealers are one of the most common threats. This category of malware includes famous malware like Azorult, Agent Tesla, and Hawkeye. The infostealer...
The Evil Corp Groups New Ransomware WastedLocker
New Ransomware Developed By Evil Corp Attempts To Bypass Crowdstrike and is encrypted by a private crypter.
Stefano Antenucci
June 23, 2020 22 Minutes
Authors: Nikolaos Pantazopoulos, Stefano Antenucci (@Antelox) and Michael Sandee
1. Introduction
WastedLocker is a new ransomware...
This Chat is Being Recorded: Egregor Ransomware Negotiations Uncovered
July 21, 2021 | By Chris Caridi co-authored by Allison Wikoff | 8 min read
Ransomware attacks are topping the charts as the most common attack type to target organizations with a constant drumbeat of attacks impacting industries...
IcedID Malware Updates new techniques To Avoid Detection
by Paul Kimayong
In our previous blog about IcedID, we explored some of the changes in the malware and how it tries to evade detection. We also detailed how threat actors took advantage...
An In Depth Look At APT DeathStalker
By Ivan Kwiatkowski, Pierre Delcher, Maher Yamout on August 24, 2020. 10:00 am
State-sponsored threat actors and sophisticated attacks are often in the spotlight. Indeed, their innovative techniques, advanced malware platforms and 0-day exploit chains...
How the Trickbot C2 uses rDNS to disguise as a legitimate Australian government service
By Gabor Szathmari
One interesting offshoot of researching .gov.au websites running outside Australia was an odd service running from Russia. How the Service NSW – a website offering government services online – ended...
