APT10: Tracking down LODEINFO 2022, part II
In the second part of this report, we discuss improvements made to the LODEINFO backdoor shellcode in 2022. Continue reading APT10: Tracking down LODEINFO 2022, part II
The first part of this report will provide technical analysis of the new infection methods such as SFX files and DOWNIISSA, a new downloader shellcode used to deploy the LODEINFO backdoor. Continue reading APT10: Tracking down LODEINFO 2022, part I
ToddyCat APT and WinDealer man-on-the-side attack, Spring4Shell and other vulnerabilities, ransomware trends and our in-depth analysis of the TTPs of the eight most widespread ransomware families. Continue reading IT threat evolution Q2 2022
We observed the technique of putting the shellcode into Windows event logs for the first time “in the wild” during the malicious campaign. It allows the “fileless” last stage Trojan to be hidden from plain sight in the file system. Continue reading A new secret stash for “fileless” malware
This is our latest summary of advanced persistent threat (APT) activity, focusing on events that we observed during Q1 2022. Continue reading APT trends report Q1 2022
Cybercriminals are increasingly leveraging fileless malware, cryptominers and encrypted attacks, targeting users both at remote locations as well as corporate assets behind the traditional network perimeter. These were among the findings of WatchGuard… Continue reading Fileless Malware, Endpoint Attacks on the Rise
A41APT is a long-running campaign with activities detected from March 2019 to the end of December 2020. Most of the discovered malware families are fileless malware and they have not been seen before. Continue reading APT10: sophisticated multi-layered loader Ecipekac discovered in A41APT campaign
In fact, in most medium-sized companies’ cybersecurity strategies, even with an endpoint solution, there are likely to still be gaps that can and should be closed. In this article, we look at what those gaps are and how to fill them. Continue reading Adaptive protection against invisible threats
The fileless attack uses a phishing campaign that lures victims with information about a worker’s compensation claim. Continue reading APT Attack Injects Malware into Windows Error Reporting
When it comes to endpoint security, a handful of threats make up the bulk of the most serious attack tools and tactics. Continue reading Fileless Malware Tops Critical Endpoint Threats for 1H 2020