Estimated reading time: 10 minutes
Contents Introduction Initial Findings Infection Chain. Technical Analysis Stage 0 – Malicious ZIP File. Stage 1 – Malicious VELETRIX implant. Stage 2 – Malicious V-Shell implant. Hunting and Infrastructure. Attribution Conclusion Seqrite Protection. IOCs MITRE ATT&CK. Authors: Subhajeet Singha...
Estimated reading time: 8 minutes
Table of Contents: Introduction Threat Profile Infection Chain Campaign-1 Analysis of Decoy: Technical Analysis Fingerprint of ROKRAT’s Malware Campaign-2 Analysis of Decoy Technical analysis Detailed analysis of Decoded tony31.dat Conclusion Seqrite Protections MITRE Att&ck: IoCs Introduction: Security researchers at...
Estimated reading time: 7 minutes
Recently we have observed multiple stealer malware such as Remcos, DcRAT,AgentTesla, VIPKeyLogger, etc. distributed through a steganographic campaign. On tracing the roots, the campaign has been around for a while but has not been active since long. What makes...
Estimated reading time: 6 minutes
Introduction: We recently identified a new malware campaign using fake CAPTCHA pages to deliver Lumma Stealer, an infostealer operating under the malware-as-a-service (MaaS) model, first discovered in 2022. In previous campaigns, including those in mid-2024, attackers used ClickFix a...
Estimated reading time: 2 minutes
Current times have witnessed a large percentage of cyber breaches resulting from human errors. For example, the famous WannaCry ransomware attack that affected the entire world in 2017 increased due to negligence of security teams in ensuring if the...
Estimated reading time: 4 minutes
New targeted ransomware called SNAKE or EKANS was found in early January. Malware is written in the Go language and it is heavily obfuscated and goes after ICS environments. Snake Ransomware seems to be distributed via a focused and...
Estimated reading time: 4 minutes
Use of Phishing emails is not new for cyber-attack and is still one of the classic strategies to compromise a victim’s machine. Cyber criminals lure victims to open email attachments (mostly Doc and XLS files) by faking them to...
Estimated reading time: 3 minutes
As the number and nature of cyber threats grows increasingly day by day, organizations have opened up to the threat caused by cyber attacks. The North Atlantic Treaty Organization, which is better known as NATO, recognized cyberspace as a...
Estimated reading time: 3 minutes
For any organization, big or small, endpoint security acts as a frontline against cyber attacks. Ultimately, endpoints refer to every device that is connected to the enterprise network. Most attacks on an organization can be traced back to devices...
Estimated reading time: 3 minutes
It is not a situation any network administrator ever wants to be in. Yet, considering the multitude of attacks nowadays, the possibility of being in such a situation is getting more and more likely. The last year has shown...