Collaborate Disseminate
While still not widely distributed, a new Windows remote access trojan (RAT) dubbed StilachiRAT is a serious threat. “[The malware] demonstrates sophisticated techniques to evade detection, persist in the target environment, and exfiltrate sensit… Continue reading Stealthy StilachiRAT steals data, may enable lateral movement
Malware peddlers are using NodeLoader, a loader written in Node.js, to foil security solutions and deliver infostealers and cryptominers to gamers. The malicious links in YouTube comments (Source: Zscaler ThreatLabz) Attackers leveraging the Node.js lo… Continue reading Evasive Node.js loader masquerading as game hack
Threat actors are using an ingenious new way for covertly delivering malware to a wide variety of operating systems and platforms: they have created a malware loader that uses Godot Engine, an open-source game engine. The loader – dubbed GodLoade… Continue reading Cybercriminals used a gaming engine to create undetectable malware loader
Threat actors have been abusing a bug in how Windows handles LNK files with non-standard target paths and internal structures to prevent in-built protections from stopping malicious payloads and trick users into running them. “We identified multi… Continue reading Researchers unearth MotW bypass technique used by threat actors for years
A newly spotted campaign is leveraging BPL sideloading and other uncommon tricks to deliver the IDAT Loader (aka HijackLoader) malware and prevent its detection. The campaign Spotted by Kroll’s incident responders and analyzed by the company’s Cy… Continue reading Malware peddlers experimenting with BPL sideloading and masking malicious payloads as PGP keys
At its annual re:Inforce conference, Amazon Web Services (AWS) has announced new and enhanced security features and tools. Additional multi-factor authentication option To facilitate the concerted push to get customers to secure their accounts with mul… Continue reading AWS unveils new and improved security features
An analysis of 100,000+ Windows malware samples has revealed the most prevalent techniques used by malware developers to successfully evade defenses, escalate privileges, execute the malware, and assure its persistence. Malware tactics and techniques T… Continue reading The most prevalent malware behaviors and techniques
In 2023, 50% of malware detections for SMBs were keyloggers, spyware and stealers, malware that attackers use to steal data and credentials, according to Sophos. Attackers subsequently use this stolen information to gain unauthorized remote access, ext… Continue reading Keyloggers, spyware, and stealers dominate SMB malware detections
The US Justice Department announced the completion of court-authorized operation MEDUSA, to disrupt a global peer-to-peer network of computers compromised by sophisticated malware, called “Snake” (aka “Uroburos”), that the US Government att… Continue reading Turla’s Snake malware network disrupted by Five Eyes’ authorities
We’ve been developing machine learning-based cybersecurity systems for many years and began developing automation for analysis in our labs in 2005. These early automation projects have since evolved into full-blown machine-learning frameworks. Si… Continue reading Malware and machine learning: A match made in hell