A close look at Fallout Exploit Kit and Raccoon Stealer

Over the last few months, we have seen increased Exploit Kit activity. One example is the Fallout Exploit Kit, which we will describe in depth in this article. Since its emergence in August 2018, threat actors have intensively used the Fallout Exploit …

Who IsErIk: A Resurface of an Advanced Persistent Adware?

As the malware industry expands, new tricks added to the cyber-criminal arsenal show up on a daily basis. Our Advanced Threat Control team has identified a massive expansion of the malicious repertoire meant to resurface old, but not-forgotten threats…

Worm-Cryptominer Combo Lets You Game While Using NSA Exploits to Move Laterally

Bitdefender researchers recently found and analyzed a worm-cryptominer combo that uses a series of exploits to move laterally and compromise victims. What makes it interesting is that it pauses the resource-intensive cryptomining process if it finds popul…

Bypassing KPTI Using the Speculative Behavior of the SWAPGS Instruction

Bitdefender senior researchers Dan Horea Luțaș and Andrei Vlad Luțaș recently uncovered a new speculative-execution vulnerability and demonstrated how it can be exploited via a side-channel style attack, dubbed SWAPGS Attack. The vu…

Astaroth Trojan Resurfaces, Targets Brazil through Fileless Campaign

During routine detection monitoring from our Advanced Threat Control technology, Bitdefender researchers found an interesting spike in malware activity that involved using Microsoft binaries in the infection process, as well as GitHub and Google Drive …

Scranos Revisited – Rethinking persistence to keep established network alive

In April, Bitdefender broke the news of an emerging botnet dubbed Scranos. Originating from China, it has spread across Europe and the United States, snaring Windows and Android devices with advertising fraud and social network manipulation. Our origin…

An APT Blueprint: Gaining New Visibility into Financial Threats

This new Bitdefender forensic investigation reveals a complete attack timeline and behavior of a notorious financial cybercriminal group, known as Carbanak. In mid-2018, Bitdefender researchers investigated a targeted attack on an Eastern European fina…

Yet Another Meltdown – A Microarchitectural Fill Buffer Data Sampling Vulnerability (CVE-2018-12130)

More than one year ago, security researchers at Google Project Zero disclosed a series of hardware vulnerabilities affecting Intel® x86 microprocessors. Leveraging a feature of modern processors called speculative execution, as well as timing…

Inside Scranos – A Cross Platform, Rootkit-Enabled Spyware Operation

Last year, the Bitdefender Cyber Threat Intelligence Lab started analysis of a new password- and data-stealing operation based around a rootkit driver digitally signed with a possibly stolen certificate. The operation, partially described in a recent a…

Webinar – DevSecOps at Hulu: When security and DevOps meet

While most DevOps manuals talk about how and why you should embed security into a company’s DevOps culture, the reality is that most security teams are built in a silo, and breaking free from that silo can be incredibly difficult to achieve. Modern tech…