Malware Related Topics 
Aqua Security
AUGUST 11, 2022
In a fileless attack, the malware is directly loaded into memory and executed, evading common defenses and static scanning. Aqua Security Malware AttacksA fileless attack is a technique that takes incremental steps toward gaining control of your environment while remaining undetected.
Aqua Security
SEPTEMBER 15, 2022
The scripts and malware that were used bear a striking resemblance to none other than the threat actor TeamTNT. Advanced Threat Mitigation Malware AttacksOver the past week we observed three different attacks on our honeypots.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Aqua Security
FEBRUARY 1, 2023
Known as HeadCrab , this advanced threat actor utilizes a state-of-the-art, custom-made malware that is undetectable by agentless and traditional anti-virus solutions to compromise a large number of Redis servers. Security Threats Cloud Native Security Malware Attacks
Aqua Security
DECEMBER 1, 2022
Aqua Nautilus discovered new Go based malware that targets Redis servers. Our investigation revealed new undetected malware written in Golang designed to target Redis servers to allow the attacking server to dominate the compromised machine.
Lacework
DECEMBER 6, 2022
And the majority of this activity has been linked to the same python malware dubbed AndroxGh0st with at least one incident tied to an actor known as Xcatze. For AWS specifically, the malware scans for and parses AWS keys but also has the ability to generate keys for brute force attacks.
Aqua Security
DECEMBER 2, 2020
Our cyber research team detected a new type of attack that executes and runs malware straight from memory in containers, thus evading common defenses and static scanning. We found four container images in Docker Hub designed to execute fileless malware attacks.
Symantec
FEBRUARY 16, 2023
Malware injects malicious code into Failed Request Event Buffering module in order to monitor HTTP requests from attacker
Aqua Security
APRIL 3, 2020
Container Vulnerability Cloud Native Security Malware AttacksLately we’ve been witnessing a rise in the number of attacks that target container environments. We’ve been tracking an organized attack campaign that targets misconfigured open Docker Daemon API ports.
Lacework
FEBRUARY 27, 2023
James CondonDirector of Research, Lacework Labs This malware sample may unlock your variable naming writer’s block. Have you ever tried using your favorite foods? We hadn’t either until we came across this one.
Palo Alto Networks
NOVEMBER 16, 2022
With the sophistication of today’s threat landscape, malware is more evasive than ever. Nova – the next evolution of network security that allows you to stop zero-day malware with zero stress. The Evolution of Modern Malware. Modern malware is increasingly evasive.
Lacework
OCTOBER 13, 2021
The post “Spytech Necro” – Keksec’s Latest Python Malware appeared first on Lacework.
Aqua Security
AUGUST 17, 2020
Now, Tracee is much more than just a system call tracer , it’s a powerful tool that can be used to perform forensic investigations and dynamic analysis of binaries – both are incredibly useful when looking for hidden malware.
Aqua Security
JANUARY 4, 2023
Recently, a dependency of the widely used PyTorch-nightly Python package was targeted in a dependency confusion attack, resulting in thousands of individuals downloading a malicious binary that exfiltrated data through DNS.
Lacework
SEPTEMBER 30, 2021
The post Mirai goes Stealth – TLS & IoT Malware appeared first on Lacework.
Lacework
JULY 15, 2022
This ancient technique has found its place in the world of malware, namely hiding malicious code within other files including image formatted files ( T1027.003 ). General indicators and signatures for steg malware are provided in the hunting section. Malware Details.
The Parallax
JANUARY 30, 2018
During a month that’s seen Android malware new and old plague the world’s most popular mobile operating system, Google says its Play Store is becoming more civilized and less like the Wild West. You have a lower probability of being infected by malware from Play than being hit by lightning,” Ahn says. A Google representative says the company detects “most” malware successfully uploaded to Google Play “within a day.” Ahn adds that Android malware is becoming more advanced.
SecureWorks
DECEMBER 9, 2022
Type: Blogs Drokbk Malware Uses GitHub as Dead Drop Resolver A subgroup of the Iranian COBALT MIRAGE threat group leverages Drokbk for persistence. A subgroup of the Iranian COBALT MIRAGE threat group leverages Drokbk for persistence. Research & Intelligence
SecureWorks
MARCH 8, 2022
Type: Blogs Excel Add-ins Deliver JSSLoader Malware The GOLD NIAGARA threat group has expanded its tactics for delivering the JSSLoader RAT, spoofing legitimate Microsoft Excel add-ins to infect systems. Learn how CTU researchers observed multiple malicious Microsoft Excel add-ins delivering JSSLoader malware.
Darktrace
JANUARY 30, 2023
This blog post highlights the recent malvertising campaigns targeting Google searches that deploy info-stealer malware. It covers the attackers' techniques and provides a list of indicators of compromise.
Symantec
APRIL 28, 2019
SGX-based malware may not be as troublesome as believed. We'll explain why that is and how Symantec is ready to deal with such malware if they were to appear
Symantec
FEBRUARY 8, 2023
Russia-linked Nodaria group has deployed a new threat designed to steal a wide range of information from infected computers
TechBeacon
AUGUST 27, 2020
Phones branded “ Tecno ” —made by Shenzhen Transsion Holdings—appear to be preinstalled with malware. Smartphone users in emerging markets are being ripped off by suspiciously cheap handsets. Security, Information Security, Security Blogwatch, Privacy
Darktrace
MARCH 22, 2023
Amadey Info-stealer malware was detected across over 30 customers between August and December 2022, spanning various regions and industry verticals.
Tenable
AUGUST 4, 2022
Analyzing the Vulnerabilities Associated with the Top Malware Strains of 2021. International cybersecurity agencies issue a joint alert outlining the top malware strains of 2021. We have analyzed reports on the malware strains to identify any vulnerabilities associated with them.
Lacework
FEBRUARY 27, 2023
James CondonDirector of Research, Lacework Labs Each month we take a look at a malicious Executable and Linkable Format (ELF) file, the common executable file format for Unix and Unix-like Operating Systems, and share details about the sample.
Lacework
FEBRUARY 27, 2023
The combination of an anonymous currency and leaked government security exploits have led to a rising new threat for system administrators.
CTOvision
JANUARY 9, 2022
Scalable automated malware analysis has become a critical component of enterprise defense. When properly implemented it can be key to mitigating malware threats that otherwise bypass perimeter defenses.
Dots and Bridges
JULY 23, 2021
The Ransomware and Malware Conundrum. This high-level session provides real answers for protection and prevention from Ransomware and Malware for an ever- expanding federal network enterprise. The post The Ransomware and Malware Conundrum appeared first on Dots and Bridges.
CTOvision
JULY 29, 2014
Three Questions on Automated Malware Removal with Bob Gourley, Cognitio Corp and CTOVision. While there’s still an emphasis – and related spending – on malware detection, most incident response teams are actually overwhelmed by vast number of security alerts they receive. Effective malware detection is important, but only paired with response and removal can companies effectively prevent the malware that will enter the system from doing damage. By Bob Gourley.
Darktrace
OCTOBER 18, 2022
Recently Darktrace captured the whole kill-chain of an AutoIt malware compromise, from delivery via email to payload download and subsequent C2 AutoIt is a scripting language designed for general purpose development.
Datavail
OCTOBER 11, 2022
Maggie is a malicious backdoor malware designed for SQL Server, recently discovered by DCSO CyTec. What is the SQL Server Malware Maggie? Maggie is malware that is an Extended Stored Procedure DLL, which is a special extension used by Microsoft SQL Servers that allow it to do work inside and outside of SQL. Antivirus detected it as APT_ShadowForce_Malware_ON_Nov17_1 and Trojan/Win.ShadowForce.R472810. Blog Maggie malware SQL Server
CTOvision
DECEMBER 30, 2020
A new strand of malware uses Word files with macros to download a PowerShell script from GitHub. This PowerShell script further downloads a legitimate image file from image hosting service Imgur […]. News GitHub
Lacework
AUGUST 26, 2019
The post Cryptomining Malware Using NSA Hacking Code is Spreading Rapidly appeared first on Lacework. Blog bitcoin cloud threats malwareThe combination of an anonymous currency and leaked government security exploits have led to a rising new threat for system administrators. While cybercriminals have long featured an assortment of ideologically driven activists or rising stars hoping to make a name for themselves with their peers, the vast majority of them are motivated by money.
CTOvision
JANUARY 25, 2021
Cybersecurity firm Symantec has uncovered an additional piece of malware used in the SolarWinds attacks, becoming the fourth piece of malware associated with the wide-ranging compromise of the popular IT […]. News SolarWinds Symantec Symantec Endpoint Protection
CTOvision
MAY 1, 2019
Grimes explain 9 types of malware and how they can affect you on CSO Online : People tend to play fast and loose with security terminology. However, it’s important to get your malware classifications straight because knowing how various types of malware spread is vital to containing and removing them. This concise malware […]. Read Roger A.
TechBeacon
MARCH 19, 2020
From misinformation spread by your Facebook friends, through malware distribution, to the DDoS’ing of health agencies. The novel coronavirus is affecting the world of infosec. Security, Information Security, Security Blogwatch
Darktrace
APRIL 8, 2021
Cyber AI discovered an extensive crypto-mining campaign in cardboard boxes in a disused warehouse. This blog discusses the rise in cryptocurrency farms and what this signals for the international cyber-threat landscape
CTOvision
NOVEMBER 14, 2014
The video below explores DDP Protected Workspace and uniquely addresses healthcare regulations related to malware prevention. The evolution of malware has gone from low sophistication, such as script kiddies, to nation states (tier 1), who are more skilled and who specifically target individuals, or industries with data they intend to infiltrate. The malware is from external agents. Malware is all new, and we need to focus on containment and isolation.
Palo Alto Networks
JUNE 7, 2021
The Unit 42 cybersecurity consulting group published research on the first known malware targeting Windows containers, which was discovered by Unit 42 researcher Daniel Prizmant and named Siloscape.
Lacework
JULY 3, 2019
This malware sample may unlock your variable naming writer’s block. The post Cryptojacking Malware Gets Creative with Variable Names appeared first on Lacework. Have you ever tried using your favorite foods? We hadn’t either until we came across this one. This Bash script was seen following the Confluence exploits we recently blogged about. The unique variable naming isn’t the only thing that caught our eye. The script uses [.]. Read More.
Expert insights. Personalized for you.
106 
Let's personalize your content