Incident response analyst report 2020

We deliver a range of services: incident response, digital forensics and malware analysis. Data in the report comes from our daily practices with organizations seeking assistance with full-blown incident response or complementary expert activities for their internal incident response teams.

‘Hidden Bee’ miner delivered via improved drive-by download toolkit

Threat actors switch to the Hidden Bee miner as a payload for this unusual and complex drive-by download campaign.
Categories: Exploits, Threat analysis

Tags: bootkit, cryptominer, drive-by attack, exploit, hidden bee, hidden bee miner, MBR

Avzhan DDoS bot dropped by Chinese drive-by attack

The Avzhan DDoS bot is back in the wild again, this time being dropped by a Chinese drive-by attack. In this post, we’ll take a deep dive into its functionality and compare the sample we captured with the one described in the past.

Attackers Inject Persistent Cryptomining in Browsers

Attackers have found a new technique to make cryptocurrency mining, or cryptomining, inside browsers persistent, or at least survive normal attempts of closing the browser window. Drive-by cryptomining has become widespread in recent months with websit…