OriginLogger: A Look at Agent Tesla’s Successor | By Jeff White | September 13, 2022 at 6:00 AM | 14 min. read
Credential Gathering From Third-Party Software | By Dor Attar | September 8, 2022 at 12:00 PM | 14 min. read
New SolarMarker (Jupyter) Campaign Demonstrates the Malware’s Changing Attack Patterns | By Shimi Cohen, Inbal Shalev and Irena Damsky | April 8, 2022 at 6:00 PM | 8 min. read
Spear Phishing Attacks Target Organizations in Ukraine, Payloads Include the Document Stealer OutSteel and the Downloader SaintBot | By Unit 42 | February 25, 2022 at 5:30 PM | 21 min. read
Russia-Ukraine Cyberattacks (Updated): How to Protect Against Related Cyberthreats Including DDoS, HermeticWiper, Gamaredon, Website Defacement, Phishing and Scams | By Unit 42 | February 22, 2022 at 3:00 PM | 13 min. read
Russia’s Gamaredon aka Primitive Bear APT Group Actively Targeting Ukraine | By Unit 42 | February 3, 2022 at 1:00 PM | 15 min. read
Weaponization of Excel Add-Ins Part 1: Malicious XLL Files and Agent Tesla Case Studies | By Yaron Samuel | January 25, 2022 at 6:00 AM | 8 min. read
Threat Brief: Ongoing Russia and Ukraine Cyber Activity | By Robert Falcone, Mike Harbison and Josh Grunzweig | January 20, 2022 at 12:30 PM | 8 min. read
THOR: Previously Unseen PlugX Variant Deployed During Microsoft Exchange Server Attacks by PKPLUG Group | By Mike Harbison and Alex Hinchliffe | July 27, 2021 at 12:00 PM | 13 min. read
Evade Sandboxes With a Single Bit – the Trap Flag | By Mark Lim | July 19, 2021 at 3:30 PM | 5 min. read
Actor Exploits Microsoft Exchange Server Vulnerabilities, Cortex XDR Blocks Harvesting of Credentials | By Robert Falcone | April 15, 2021 at 6:00 AM | 8 min. read
Threat Brief: Windows IPv4 and IPv6 Stack Vulnerabilities (CVE-2021-24074, CVE-2021-24086 and CVE-2021-24094) | By Abisheik Ganesan | February 9, 2021 at 2:30 PM | 6 min. read
Threat Assessment: WastedLocker Ransomware | By Alex Hinchliffe, Doel Santos, Adrian McCabe and Robert Falcone | July 30, 2020 at 6:00 AM | 4 min. read
Evolution of Valak, from Its Beginnings to Mass Distribution | By Brad Duncan | July 24, 2020 at 12:00 PM | 11 min. read
OilRig Targets Middle Eastern Telecommunications Organization and Adds Novel C2 Channel with Steganography to Its Inventory | By Robert Falcone | July 22, 2020 at 6:00 AM | 18 min. read