Use of ‘StegWare’ Increases in Stealth Malware Attacks

Researchers are warning malware payloads can bypass traditional AV protection when delivered buried inside images, documents or even just a pixel.

Travle aka PYLOT backdoor hits Russian-speaking targets

At the end of September, Palo Alto released a report on Unit42 activity where they – among other things – talked about PYLOT malware. We have been detecting attacks that have employed the use of this backdoor since at least 2015 and refer to it as Travle. Coincidentally, KL was recently involved in an investigation of a successful attack where Travle was detected, during which we conducted a deep analysis of this malware.