evasive
-
Security researchers at Zscaler have uncovered a new anti-analysis feature in recent iterations of the Zloader malware (versions 2.4.1.0 and 2.5.1.0), making it significantly more difficult for analysts to study and potentially increasing the threat it poses.
-
Apr 19, 2024 | Newsroom | Cyber Espionage / Threat Intelligence
-
Kaspersky Labs researchers have revealed a new, targeted malware campaign dubbed “DuneQuixote” with a focus on government entities within the Middle East. The campaign, active since at least February 2023, utilizes a custom malware known as “CR4T” alongside droppers that go to great lengths to avoid detection.
-
Thought to be neutralized last year, the notorious QakBot malware has re-emerged with updated techniques designed to evade detection and re-establish itself as a potent force in the threat landscape. Security analysts at Binary Defense have dissected a recent QakBot campaign, revealing new anti-analysis tricks and an innovative persistence mechanism.
-
Security researchers at SonicWall Capture Labs have discovered a cunning new Trojan written in the Golang programming language. This insidious malware employs a range of deceptive tactics, including geographical checks and the installation of a fraudulent root certificate, to maintain hidden communication channels with its command-and-control (C2) server.
-
WatchGuard® Technologies, a unified cybersecurity company, has announced the findings of its latest Internet Security Report, detailing the top malware trends and network and endpoint security threats analysed by WatchGuard Threat Lab researchers. Key findings from the data show a dramatic surge in evasive malware that fueled a large increase of total malware, threat actors…
-
A newly discovered malware loader is making waves in the cybercrime world, helping the notorious Agent Tesla infostealer expand its reach. This loader isn’t groundbreaking in its tactics, but its careful combination of techniques creates a potent recipe for increased infections and a serious headache for security teams. Detected by SpiderLabs on March 8, 2024,…
-
Cybersecurity experts at ESET have come across a malicious campaign that targets Tibetans in many countries by leveraging the website of a religious gathering. Evasive Panda cyber attacks are associated with a China-linked Advanced Persistent Threat (APT) actor.
-
Summary Netskope Threat Labs has observed an evasive Azorult campaign in the wild that employs multiple defense evasion techniques from delivery through execution to fly under the defender’s radar as it steals sensitive data.
-
ESET researchers discovered a cyberespionage campaign that, since at least September 2023, has been victimizing Tibetans through a targeted watering hole (also known as a strategic web compromise), and a supply-chain compromise to deliver trojanized installers of Tibetan language translation software. The attackers aimed to deploy malicious downloaders for Windows and macOS to compromise website…
-
CyberheistNews Vol 14 #08 | February 20th, 2024
-
A new report shows massive increases in browser attacks in the second half of 2023, with over 31,000 threats specifically designed to bypass security solution detection.
-
Akamai announced Content Protector, a product that stops scraping attacks without blocking the good traffic that companies need to enhance their business.
-
Thirty percent of browser-based phishing attacks are now classified as evasive, allowing cybercriminals to successfully exploit human vulnerabilities and bypass traditional security tools
-
Sandfly founder Craig Rowland recently spoke at the Oslo Cold Incident Response Conference on evasive Linux malware. Although talks were not recorded, he made a video of the presentation he gave…
-
Sandfly founder Craig Rowland gave a presentation for the FIRST Cold Incident Response Conference in Oslo on evasive Linux backdoors. His talk focused on the infamous BPFDoor backdoor. BPFDoor used a…
-
A stealthy advanced persistent threat (APT) tracked as Gelsemium was observed in attacks targeting a Southeast Asian government that spanned six months between 2022 and 2023.