AutoFocus Archives

A conceptual image representing THOR, a previously unseen PlugX variant deployed by the PKPLUG Group. The image features a Panda because PKPLUG is also known as Mustang Panda. It also features the logos of Palo Alto Networks and Unit 42.

32,687

people reacted

THOR: Previously Unseen PlugX Variant Deployed During Microsoft Exchange Server Attacks by PKPLUG Group

By Mike Harbison and Alex Hinchliffe
July 27, 2021 at 12:00 PM

13 min. read

Conceptual image illustrating WastedLocker ransomware

33,827

people reacted

Threat Assessment: WastedLocker Ransomware

By Alex Hinchliffe, Doel Santos, Adrian McCabe and Robert Falcone
July 30, 2020 at 6:00 AM

4 min. read

32,107

people reacted

Evolution of Valak, from Its Beginnings to Mass Distribution

By Brad Duncan
July 24, 2020 at 12:00 PM

11 min. read

A conceptual illustration showing a world map along with icons representing malware and other tools used by malicious actors

34,122

people reacted

OilRig Targets Middle Eastern Telecommunications Organization and Adds Novel C2 Channel with Steganography to Its Inventory

By Robert Falcone
July 22, 2020 at 6:00 AM

18 min. read

34,382

people reacted

HenBox: Inside the Coop

By Alex Hinchliffe, Mike Harbison, Jen Miller-Osborn and Tom Lancaster
April 26, 2018 at 5:00 AM

19 min. read

41,127

people reacted

HenBox: The Chickens Come Home to Roost

By Alex Hinchliffe, Mike Harbison, Jen Miller-Osborn and Tom Lancaster
March 13, 2018 at 5:00 AM

18 min. read

33,714

people reacted

Compromised Servers & Fraud Accounts: Recent Hancitor Attacks

By Vicky Ray and Brad Duncan
February 7, 2018 at 5:00 AM

7 min. read

51,466

people reacted

VERMIN: Quasar RAT and Custom Malware Used In Ukraine

By Juan Cortes and Tom Lancaster
January 29, 2018 at 5:00 AM

8 min. read

23,727

people reacted

Master Channel: The Boleto Mestre Campaign Targets Brazil

By Brad Duncan
December 7, 2017 at 5:00 AM

8 min. read

32,763

people reacted

The Blockbuster Saga Continues

By Anthony Kasza
August 14, 2017 at 5:00 AM

3 min. read

27,689

people reacted

Practice Makes Perfect: Nemucod Evolves Delivery and Obfuscation Techniques to Harvest Credentials

By Alex Hinchliffe
May 11, 2017 at 4:00 AM

25 min. read

36,433

people reacted

The Blockbuster Sequel

By Anthony Kasza and Micah Yates
April 7, 2017 at 5:00 AM

8 min. read

21,019

people reacted

Review of Regional Malware Trends in EMEA: Part 1

By Alex Hinchliffe
December 23, 2016 at 5:00 AM

10 min. read

Attack Delivers ‘9002’ Trojan Through Google Drive

By Robert Falcone and Jen Miller-Osborn
July 26, 2016 at 5:00 PM

8 min. read

24,899

people reacted

Technical Walkthrough: Office Test Persistence Method Used In Recent Sofacy Attacks

By Robert Falcone
July 20, 2016 at 5:00 AM

9 min. read

Posts tagged with: AutoFocus

THOR: Previously Unseen PlugX Variant Deployed During Microsoft Exchange Server Attacks by PKPLUG Group

Threat Assessment: WastedLocker Ransomware

Evolution of Valak, from Its Beginnings to Mass Distribution

OilRig Targets Middle Eastern Telecommunications Organization and Adds Novel C2 Channel with Steganography to Its Inventory

HenBox: Inside the Coop

HenBox: The Chickens Come Home to Roost

Compromised Servers & Fraud Accounts: Recent Hancitor Attacks

VERMIN: Quasar RAT and Custom Malware Used In Ukraine

Master Channel: The Boleto Mestre Campaign Targets Brazil

The Blockbuster Saga Continues

Practice Makes Perfect: Nemucod Evolves Delivery and Obfuscation Techniques to Harvest Credentials

The Blockbuster Sequel

Review of Regional Malware Trends in EMEA: Part 1

Attack Delivers ‘9002’ Trojan Through Google Drive

Technical Walkthrough: Office Test Persistence Method Used In Recent Sofacy Attacks

Popular Resources

Legal Notices

Account

Trending

Popular Resources

Legal Notices

Account