How Kopeechka, an Automated Social Media Accounts Creation Service, Can Facilitate Cybercrime

Credit to Author: Cedric Pernet | Date: Fri, 27 Oct 2023 00:00:00 +0000

This report explores the Kopeechka service and gives a detailed technical analysis of the service's features and capabilities and of how it can help cybercriminals achieve their goals.

SeroXen Incorporates Latest BatCloak Engine Iteration

Credit to Author: Peter Girnus | Date: Thu, 15 Jun 2023 00:00:00 +0000

We looked into the documented behavior of SeroXen malware and noted the inclusion of the latest iteration of the batch obfuscation engine BatCloak to generate a fully undetectable (FUD) .bat loader. This is the second part of a three-part series documenting the abuse of BatCloak’s evasion capabilities and interoperability with other malware.

New APT34 Malware Targets The Middle East

Credit to Author: Mohamed Fahmy | Date: Thu, 02 Feb 2023 00:00:00 +0000

We analyze a December 2022 cyberespionage campaign that used a new backdoor malware to target organizations in the Middle East. The campaign abuses legitimate but compromised email accounts to send stolen data to external mail accounts controlled by the attackers.

Bruised but Not Broken: The Resurgence of the Emotet Botnet Malware

Credit to Author: Adolph Christian Silverio | Date: Thu, 19 May 2022 00:00:00 +0000

During the first quarter of 2022, we discovered a significant number of infections using multiple new Emotet variants that employed both old and new techniques to trick their intended victims into accessing malicious links and enabling macro content.

Emotet Spam Abuses Unconventional IP Address Formats to Spread Malware

Credit to Author: Ian Kenefick | Date: Fri, 21 Jan 2022 00:00:00 +0000

We found waves of Emotet spam campaigns using unconventional IP addresses to evade detection.

Staging a Quack: Reverse Analyzing a Fileless QAKBOT Stager

Credit to Author: Abraham Camba | Date: Fri, 17 Dec 2021 00:00:00 +0000

We analyzed a fileless QAKBOT stager possibly connected to the recently reported Squirrelwaffle campaign.