Estimated reading time: 4 minutes
Recently, we came across a new banking trojan called Coyote, which utilizes a tool/library called Squirrel Installer, developed to install and manage updates of windows applications. The malware looks more evolved than our normal banking trojans and can potentially...Search Results
Estimated reading time: 3 minutes
On Friday, March 29, developer Andres Freund detected unusual behavior in his Debian sid environment. In response, he contacted an open-source security mailing list to report his discovery of an upstream backdoor in the commonly used command-line tool XZ...
Estimated reading time: 4 minutes
Ransomware attacks today have become increasingly prevalent and sophisticated. One such alarming trend is the surge in remote ransomware attacks, also known as malicious remote encryption. This attack vector involves using compromised endpoints to encrypt data on other devices...
Estimated reading time: 11 minutes
SEQRITE Labs APT-Team has uncovered a phishing campaign targeting various Indian government personnel since October 2023. We have also identified targeting of both government and private entities in the defence sector over December. New Rust-based payloads and encrypted PowerShell commands have been utilized...
Estimated reading time: 5 minutes
Overview: Batloader is not a new malware in the series – it is an emerging one. In our previous blogs, we discussed how Batloader can deploy different types of malware, including stealers and ransomware. We also delved into its...
Estimated reading time: 6 minutes
Cerber is a strain of ransomware that was first identified in early 2016. It is a type of malware that encrypts a victim’s files and demands a ransom for the decryption key needed to unlock the files. Cerber, like...
Estimated reading time: 5 minutes
Overview: In our rapidly advancing technological landscape, cyber threat actors have grown increasingly sophisticated, employing intricate attack chains and malicious applications. They meticulously plan and execute well-defined, strategic attacks that unfold in stages. A typical malware attack comprises various...
Estimated reading time: 11 minutes
SEQRITE Labs APT-Team has discovered multiple campaigns of APT SideCopy, targeting Indian government and defense entities in the past few months. The threat group is now exploiting the recent WinRAR vulnerability CVE-2023-38831 (See our advisory for more details) to...
Estimated reading time: 4 minutes
Zero-day vulnerabilities represent an imminent threat to cyber security, and in this case, two such vulnerabilities, CVE-2023-38831 and CVE-2023-40477, have been identified in the widely utilized WinRAR software. These vulnerabilities pose a grave concern due to their potential for...
Estimated reading time: 7 minutes
Introduction: First observed in the middle of 2021, Mallox Ransomware has emerged as a formidable threat in the cybercrime landscape. With its ability to encrypt all volumes, including local and network-shared drives, it gradually spreads control over the system,...