Business Security

Many attackers are switching from file-based malware to memory-based attacks to improve their stealth. “Fileless,” “zero-footprint,” or “living off the land” threats use legitimate applications to carry out malicious activities.

We recently acquired a spam sample that propagates the Loki infostealer through LZH compressed archive files.

We provide recommendations for cloud admins on how to formulate a security strategy when using Kubernetes for container orchestration.

A campaign propagates a new malware named ‘BazarBackdoor’, a fileless backdoor reportedly created by the same threat actors behind TrickBot.

Is your work-from-home set up secure? Here are a few signs to know if your devices have been hacked or infected with malware.

A variant of Loki info stealer that we detected through our honeypot is propagated as Windows CAB file email attachments. It uses process hollowing to evade detection.

A spam campaign that spreads the Ursnif spyware has attachments named after an Australian insurance provider.

Maze ransomware, notorious for not just encrypting but for stealing victims’ data, attacks a US IT firm. The company sent emails to customers which include IP addresses and file hashes that have been linked to previous Maze attacks.

Cybercriminals behind Nemty ransomware close down their Ransomware-as-a-Service (RaaS) operation as they zero in on private schemes. This is confirmed through a post in a Russian hacker forum.