Malware Archives

2,058

people reacted

There Is More Than One Way to Sleep: Dive Deep Into the Implementations of API Hammering by Various Malware Families

By Mark Lim and Riley Porter
June 24, 2022 at 6:00 AM

5 min. read

26,305

people reacted

GALLIUM Expands Targeting Across Telecommunications, Government and Finance Sectors With New PingPull Tool

By Unit 42
June 13, 2022 at 3:00 AM

10 min. read

A conceptual image representing malware, such as Popping Eagle.

23,723

people reacted

Popping Eagle: How We Leveraged Global Analytics to Discover a Sophisticated Threat Actor

By Yuval Zan and Chen Evgi
June 2, 2022 at 3:00 PM

12 min. read

A conceptual image representing targeted attacks, including the XLL Files and Dridex infection chain discussed here.

29,728

people reacted

Weaponization of Excel Add-Ins Part 2: Dridex Infection Chain Case Studies

By Saqib Khanzada
May 19, 2022 at 12:00 PM

8 min. read

A conceptual image representing phishing - one of the primary delivery methods for Emotet malware, covered here.

29,762

people reacted

Emotet Summary: November 2021 Through January 2022

By Brad Duncan
May 17, 2022 at 6:00 AM

13 min. read

A conceptual image representing malicious email, which can often come with suspicious attachments such as the Compiled HTML Help file delivering Agent Tesla discussed here.

28,336

people reacted

Harmful Help: Analyzing a Malicious Compiled HTML Help File Delivering Agent Tesla

By Tyler Halfpop
May 12, 2022 at 3:00 PM

4 min. read

A conceptual image representing malware, such as BazarLoader, often known for anti-analysis techniques

34,415

people reacted

Defeating BazarLoader Anti-Analysis Techniques

By Mark Lim
April 25, 2022 at 6:00 AM

7 min. read

A conceptual image representing ransomware, including the BlackByte ransomware discussed here.

33,481

people reacted

Threat Assessment: BlackByte Ransomware

By Amer Elsad
April 21, 2022 at 12:00 PM

10 min. read

A conceptual image representing trends, including the trends in web threats discussed here, including trends in web threats landing URLs and web threats malicious host URLs

24,637

people reacted

Trends in Web Threats: Attackers Were More Active During Holiday Season

By Cecilia Hu, Tao Yan, Jin Chen and Taojie Wang
April 11, 2022 at 6:00 AM

10 min. read

A conceptual image representing malware, such as the SolarMarker campaign discussed here.

34,957

people reacted

New SolarMarker (Jupyter) Campaign Demonstrates the Malware’s Changing Attack Patterns

By Shimi Cohen, Inbal Shalev and Irena Damsky
April 8, 2022 at 6:00 PM

263

8 min. read

A conceptual image representing malware, such as the OutSteel and SaintBot payloads that were observed as part of an attack targeting Ukrainian organizations.

35,178

people reacted

Spear Phishing Attacks Target Organizations in Ukraine, Payloads Include the Document Stealer OutSteel and the Downloader SaintBot

By Unit 42
February 25, 2022 at 5:30 PM

21 min. read

A conceptual image representing cybercrime, such as the SockDetour backdoor being tracked by Unit 42 in conjunction with the TiltedTemple campaign.

36,779

people reacted

SockDetour – a Silent, Fileless, Socketless Backdoor – Targets U.S. Defense Contractors

By Unit 42
February 24, 2022 at 6:00 AM

9 min. read

A conceptual image representing geopolitical cyber activity, such as what has been associated with Russia-Ukraine

88,889

people reacted

Russia-Ukraine Cyberattacks (Updated): How to Protect Against Related Cyberthreats Including DDoS, HermeticWiper, Gamaredon, Website Defacement, Phishing and Scams

By Unit 42
February 22, 2022 at 3:00 PM

286

13 min. read

A conceptual image representing phishing, such as the research on a new Emotet infection method covered here.

42,341

people reacted

New Emotet Infection Method

By Saqib Khanzada, Tyler Halfpop, Micah Yates and Brad Duncan
February 15, 2022 at 6:00 AM

5 min. read

A bear trap accompanied by symbols associated with Russia and Ukraine come together to form a conceptual image for Russia's Gamaredon, aka Primitive Bear, an APT targeting Ukraine.

79,197

people reacted

Russia’s Gamaredon aka Primitive Bear APT Group Actively Targeting Ukraine (Updated June 22)

By Unit 42
February 3, 2022 at 1:00 PM

19 min. read

Category: Malware

There Is More Than One Way to Sleep: Dive Deep Into the Implementations of API Hammering by Various Malware Families

GALLIUM Expands Targeting Across Telecommunications, Government and Finance Sectors With New PingPull Tool

Popping Eagle: How We Leveraged Global Analytics to Discover a Sophisticated Threat Actor

Weaponization of Excel Add-Ins Part 2: Dridex Infection Chain Case Studies

Emotet Summary: November 2021 Through January 2022

Harmful Help: Analyzing a Malicious Compiled HTML Help File Delivering Agent Tesla

Defeating BazarLoader Anti-Analysis Techniques

Threat Assessment: BlackByte Ransomware

Trends in Web Threats: Attackers Were More Active During Holiday Season

New SolarMarker (Jupyter) Campaign Demonstrates the Malware’s Changing Attack Patterns

Spear Phishing Attacks Target Organizations in Ukraine, Payloads Include the Document Stealer OutSteel and the Downloader SaintBot

SockDetour – a Silent, Fileless, Socketless Backdoor – Targets U.S. Defense Contractors

Russia-Ukraine Cyberattacks (Updated): How to Protect Against Related Cyberthreats Including DDoS, HermeticWiper, Gamaredon, Website Defacement, Phishing and Scams

New Emotet Infection Method

Russia’s Gamaredon aka Primitive Bear APT Group Actively Targeting Ukraine (Updated June 22)

Popular Resources

Legal Notices

Account

Trending

Popular Resources

Legal Notices

Account