What is fileless malware?

Credit to Author: Pieter Arntz| Date: Thu, 28 Oct 2021 11:06:41 +0000

What is fileless malware, and what does a fileless attack look like? Some answers.

Categories: Explained

The post What is fileless malware? appeared first on Malwarebytes Labs.

German users targeted with Gootkit banker or REvil ransomware

Credit to Author: Threat Intelligence Team| Date: Mon, 30 Nov 2020 16:00:55 +0000

After a noted absence, the Gootkit banking Trojan returns en masse to hit Germany. In an interesting twist, some of the victims may receive ransomware instead.

Categories: Malware, Threat analysis

The post German users targeted with Gootkit banker or REvil ransomware appeared first on Malwarebytes Labs.

Defending Exchange servers under attack

Credit to Author: Eric Avena| Date: Wed, 24 Jun 2020 16:00:40 +0000

Exchange servers are high-value targets. These attacks also tend to be advanced threats with highly evasive, fileless techniques. Keeping these servers safe from these advanced attacks is of utmost importance.

The post Defending Exchange servers under attack appeared first on Microsoft Security.

Latest Astaroth living-off-the-land attacks are even more invisible but not less observable

Credit to Author: Eric Avena| Date: Mon, 23 Mar 2020 16:00:01 +0000

Astaroth is back sporting significant changes. The updated attack chain maintains Astaroth’s complex, multi-component nature and continues its pattern of detection evasion.

The post Latest Astaroth living-off-the-land attacks are even more invisible but not less observable appeared first on Microsoft Security.

Insights from one year of tracking a polymorphic threat

Credit to Author: Eric Avena| Date: Tue, 26 Nov 2019 17:00:56 +0000

We discovered the polymorphic threat Dexphot in October 2018. In the months that followed, we closely tracked the threat as attackers upgraded the malware, targeted new processes, and worked around defensive measures. One year’s worth of intelligence helped us gain insight not only into the goals and motivations of Dexphot’s authors, but of cybercriminals in general.

The post Insights from one year of tracking a polymorphic threat appeared first on Microsoft Security.

Lemon_Duck PowerShell malware cryptojacks enterprise networks

Credit to Author: rajeshnataraj| Date: Tue, 01 Oct 2019 04:01:09 +0000

SophosLabs are monitoring a significant spike in crypto mining attacks, which spread quickly across enterprise networks. Starting from a single infection, these attacks use a variety of malicious scripts that, eventually, turn an enterprise’s large pool of CPU resources into efficient cryptocurrency mining slaves. The threat actors behind these campaigns have been using an array […]
