AutoFocus Archives

A conceptual image representing THOR, a previously unseen PlugX variant deployed by the PKPLUG Group. The image features a Panda because PKPLUG is also known as Mustang Panda. It also features the logos of Palo Alto Networks and Unit 42.

39,135

people reacted

THOR: Previously Unseen PlugX Variant Deployed During Microsoft Exchange Server Attacks by PKPLUG Group

By Mike Harbison and Alex Hinchliffe
July 27, 2021 at 12:00 PM

13 min. read

Conceptual image illustrating WastedLocker ransomware

35,350

people reacted

Threat Assessment: WastedLocker Ransomware

By Alex Hinchliffe, Doel Santos, Adrian McCabe and Robert Falcone
July 30, 2020 at 6:00 AM

4 min. read

34,342

people reacted

Evolution of Valak, from Its Beginnings to Mass Distribution

By Brad Duncan
July 24, 2020 at 12:00 PM

11 min. read

A conceptual illustration showing a world map along with icons representing malware and other tools used by malicious actors

37,115

people reacted

OilRig Targets Middle Eastern Telecommunications Organization and Adds Novel C2 Channel with Steganography to Its Inventory

By Robert Falcone
July 22, 2020 at 6:00 AM

18 min. read

35,341

people reacted

HenBox: Inside the Coop

By Alex Hinchliffe, Mike Harbison, Jen Miller-Osborn and Tom Lancaster
April 26, 2018 at 5:00 AM

19 min. read

42,623

people reacted

HenBox: The Chickens Come Home to Roost

By Alex Hinchliffe, Mike Harbison, Jen Miller-Osborn and Tom Lancaster
March 13, 2018 at 5:00 AM

18 min. read

34,748

people reacted

Compromised Servers & Fraud Accounts: Recent Hancitor Attacks

By Vicky Ray and Brad Duncan
February 7, 2018 at 5:00 AM

7 min. read

56,458

people reacted

VERMIN: Quasar RAT and Custom Malware Used In Ukraine

By Juan Cortes and Tom Lancaster
January 29, 2018 at 5:00 AM

8 min. read

24,774

people reacted

Master Channel: The Boleto Mestre Campaign Targets Brazil

By Brad Duncan
December 7, 2017 at 5:00 AM

8 min. read

33,951

people reacted

The Blockbuster Saga Continues

By Anthony Kasza
August 14, 2017 at 5:00 AM

3 min. read

28,651

people reacted

Practice Makes Perfect: Nemucod Evolves Delivery and Obfuscation Techniques to Harvest Credentials

By Alex Hinchliffe
May 11, 2017 at 4:00 AM

25 min. read

37,820

people reacted

The Blockbuster Sequel

By Anthony Kasza and Micah Yates
April 7, 2017 at 5:00 AM

8 min. read

21,952

people reacted

Review of Regional Malware Trends in EMEA: Part 1

By Alex Hinchliffe
December 23, 2016 at 5:00 AM

10 min. read

Attack Delivers ‘9002’ Trojan Through Google Drive

By Robert Falcone and Jen Miller-Osborn
July 26, 2016 at 5:00 PM

8 min. read

25,968

people reacted

Technical Walkthrough: Office Test Persistence Method Used In Recent Sofacy Attacks

By Robert Falcone
July 20, 2016 at 5:00 AM

9 min. read

Posts tagged with: AutoFocus

THOR: Previously Unseen PlugX Variant Deployed During Microsoft Exchange Server Attacks by PKPLUG Group

Threat Assessment: WastedLocker Ransomware

Evolution of Valak, from Its Beginnings to Mass Distribution

OilRig Targets Middle Eastern Telecommunications Organization and Adds Novel C2 Channel with Steganography to Its Inventory

HenBox: Inside the Coop

HenBox: The Chickens Come Home to Roost

Compromised Servers & Fraud Accounts: Recent Hancitor Attacks

VERMIN: Quasar RAT and Custom Malware Used In Ukraine

Master Channel: The Boleto Mestre Campaign Targets Brazil

The Blockbuster Saga Continues

Practice Makes Perfect: Nemucod Evolves Delivery and Obfuscation Techniques to Harvest Credentials

The Blockbuster Sequel

Review of Regional Malware Trends in EMEA: Part 1

Attack Delivers ‘9002’ Trojan Through Google Drive

Technical Walkthrough: Office Test Persistence Method Used In Recent Sofacy Attacks

Popular Resources

Legal Notices

Account

Trending

Popular Resources

Legal Notices

Account