More Than Meets the Eye: Exposing a Polyglot File That Delivers IcedID 7,001 people reacted More Than Meets the Eye: Exposing a Polyglot File That Delivers IcedID By Mark Lim September 27, 2022 at 6:00 AM 2 4 min. read
Hunting for Unsigned DLLs to Find APTs 10,541 people reacted Hunting for Unsigned DLLs to Find APTs By Daniela Shalev and Itay Gamliel September 26, 2022 at 6:00 AM 19 7 min. read
Domain Shadowing: A Stealthy Use of DNS Compromise for Cybercrime 18,822 people reacted Domain Shadowing: A Stealthy Use of DNS Compromise for Cybercrime By Janos Szurdi, Rebekah Houser and Daiping Liu September 21, 2022 at 6:00 AM 14 7 min. read
OriginLogger: A Look at Agent Tesla’s Successor 21,524 people reacted OriginLogger: A Look at Agent Tesla’s Successor By Jeff White September 13, 2022 at 6:00 AM 3 14 min. read
Credential Gathering From Third-Party Software 23,005 people reacted Credential Gathering From Third-Party Software By Dor Attar September 8, 2022 at 12:00 PM 23 14 min. read
New SolarMarker (Jupyter) Campaign Demonstrates the Malware’s Changing Attack Patterns 39,405 people reacted New SolarMarker (Jupyter) Campaign Demonstrates the Malware’s Changing Attack Patterns By Shimi Cohen, Inbal Shalev and Irena Damsky April 8, 2022 at 6:00 PM 268 8 min. read
Spear Phishing Attacks Target Organizations in Ukraine, Payloads Include the Document Stealer OutSteel and the Downloader SaintBot 40,981 people reacted Spear Phishing Attacks Target Organizations in Ukraine, Payloads Include the Document Stealer OutSteel and the Downloader SaintBot By Unit 42 February 25, 2022 at 5:30 PM 7 21 min. read
Russia-Ukraine Cyberattacks (Updated): How to Protect Against Related Cyberthreats Including DDoS, HermeticWiper, Gamaredon, Website Defacement, Phishing and Scams 97,944 people reacted Russia-Ukraine Cyberattacks (Updated): How to Protect Against Related Cyberthreats Including DDoS, HermeticWiper, Gamaredon, Website Defacement, Phishing and Scams By Unit 42 February 22, 2022 at 3:00 PM 289 13 min. read
Russia’s Gamaredon aka Primitive Bear APT Group Actively Targeting Ukraine (Updated June 22) 101,070 people reacted Russia’s Gamaredon aka Primitive Bear APT Group Actively Targeting Ukraine (Updated June 22) By Unit 42 February 3, 2022 at 1:00 PM 50 19 min. read
Weaponization of Excel Add-Ins Part 1: Malicious XLL Files and Agent Tesla Case Studies 45,712 people reacted Weaponization of Excel Add-Ins Part 1: Malicious XLL Files and Agent Tesla Case Studies By Yaron Samuel January 25, 2022 at 6:00 AM 6 8 min. read
Threat Brief: Ongoing Russia and Ukraine Cyber Conflict 62,530 people reacted Threat Brief: Ongoing Russia and Ukraine Cyber Conflict By Robert Falcone, Mike Harbison and Josh Grunzweig January 20, 2022 at 12:30 PM 37 8 min. read
THOR: Previously Unseen PlugX Variant Deployed During Microsoft Exchange Server Attacks by PKPLUG Group 63,274 people reacted THOR: Previously Unseen PlugX Variant Deployed During Microsoft Exchange Server Attacks by PKPLUG Group By Mike Harbison and Alex Hinchliffe July 27, 2021 at 12:00 PM 37 13 min. read
Evade Sandboxes With a Single Bit – the Trap Flag 33,616 people reacted Evade Sandboxes With a Single Bit – the Trap Flag By Mark Lim July 19, 2021 at 3:30 PM 16 5 min. read
Actor Exploits Microsoft Exchange Server Vulnerabilities, Cortex XDR Blocks Harvesting of Credentials 34,500 people reacted Actor Exploits Microsoft Exchange Server Vulnerabilities, Cortex XDR Blocks Harvesting of Credentials By Robert Falcone April 15, 2021 at 6:00 AM 9 8 min. read
Threat Brief: Windows IPv4 and IPv6 Stack Vulnerabilities (CVE-2021-24074, CVE-2021-24086 and CVE-2021-24094) 47,076 people reacted Threat Brief: Windows IPv4 and IPv6 Stack Vulnerabilities (CVE-2021-24074, CVE-2021-24086 and CVE-2021-24094) By Abisheik Ganesan February 9, 2021 at 2:30 PM 51 6 min. read
