Malware Analysis

Technical Analysis of Ransom.Win32.LOCKBIT.YXCGD: A Low-Prevalence LockBit Variant

Malware Analysis

Technical Analysis of Ransom.Win32.LOCKBIT.YXCGD: A Low-Prevalence LockBit Variant

Summary: The ransomware variant Ransom.Win32.LOCKBIT.YXCGD (detected as Trojan-Ransom.BlackMatter by IKARUS and Ransom:Win32/Lockbit.STB by Microsoft) represents a low-risk...

Ransom.Win32.RTMCOMMAND.THKBFBD: Analyzing a Low-Risk but Potent Windows Ransomware Strain

Malware Analysis

Ransom.Win32.RTMCOMMAND.THKBFBD: Analyzing a Low-Risk but Potent Windows Ransomware Strain

Discovered in April 2023, Ransom.Win32.RTMCOMMAND.THKBFBD (also tracked as Ransom:Win32/RTMLocker.AA!MTB) is a Windows-specific ransomware strain with limited distribution...

Ransom.Win64.CONTI.AA: Analyzing the Persistent Conti Ransomware Threat

Malware Analysis

Ransom.Win64.CONTI.AA: Analyzing the Persistent Conti Ransomware Threat

Ransom.Win64.CONTI.AA, a variant of the notorious Conti ransomware family, remains a significant threat to Windows systems despite...

Trojan.W97M.EMOTET.SMI: Analyzing the Persistent Emotet Threat Targeting Windows Systems

Malware Analysis

Trojan.W97M.EMOTET.SMI: Analyzing the Persistent Emotet Threat Targeting Windows Systems

Trojan.W97M.EMOTET.SMI is a variant of the notorious Emotet malware, primarily spread through malicious Microsoft Office documents. Despite...

Ransom.MSIL.EGOGEN.THEBBBC: Analyzing a Low-Risk but Persistent Ransomware Threat

Malware Analysis

Ransom.MSIL.EGOGEN.THEBBBC: Analyzing a Low-Risk but Persistent Ransomware Threat

Ransom.MSIL.EGOGEN.THEBBBC is a ransomware strain targeting Windows systems, classified as low-risk in terms of distribution but with...

Ransom.Win32.NOKO.THDABBC: Low-Risk Ransomware with Medium Damage Potential

Malware Analysis

Ransom.Win32.NOKO.THDABBC: Low-Risk Ransomware with Medium Damage Potential

Ransom.Win32.NOKO.THDABBC is a ransomware strain targeting Windows systems, classified as low risk due to its limited distribution...

Ransom.Win32.SPOOSH.THGAGBC: A Low-Risk Ransomware with High Data Exfiltration Risks

Malware Analysis

Ransom.Win32.SPOOSH.THGAGBC: A Low-Risk Ransomware with High Data Exfiltration Risks

Ransom.Win32.SPOOSH.THGAGBC is a Windows-targeting ransomware strain first documented by Trend Micro in July 2023. While classified as...

Unmasking Prometei: Trend Micro’s MXDR Investigation Reveals Botnet’s Cryptomining Operations

APT-News

Unmasking Prometei: Trend Micro’s MXDR Investigation Reveals Botnet’s Cryptomining Operations

The Prometei botnet has evolved into a sophisticated threat since its emergence in 2016, now leveraging Microsoft...

Fake LDAPNightmare PoC Exploit (CVE-2024-49113) Delivers Information-Stealing Malware

CVE News

Fake LDAPNightmare PoC Exploit (CVE-2024-49113) Delivers Information-Stealing Malware

A malicious campaign is targeting security researchers by distributing a fake proof-of-concept (PoC) exploit for the LDAPNightmare...

HotPage Adware Exploits Microsoft-Signed Driver to Target Chinese Gamers

News

HotPage Adware Exploits Microsoft-Signed Driver to Target Chinese Gamers

ESET researchers have uncovered a sophisticated adware campaign called HotPage, which abuses a vulnerable Microsoft-signed driver to...

Inside RedLine Stealer’s Backend: How the Infamous MaaS Operation Worked

Malware Analysis

Inside RedLine Stealer’s Backend: How the Infamous MaaS Operation Worked

Following an international law enforcement takedown of the RedLine Stealer malware-as-a-service (MaaS) operation in October 2024, ESET...

ESET Threat Report H2 2024: Rising Infostealers, Deepfake Scams, and Cryptocurrency Threats

Threat Intelligence

ESET Threat Report H2 2024: Rising Infostealers, Deepfake Scams, and Cryptocurrency Threats

The second half of 2024 has seen significant shifts in the cyberthreat landscape, according to ESET’s latest...

Dealing with the SolarWinds Orion Compromise: Immediate Actions for Organizations

APT-News
Data Breach

Dealing with the SolarWinds Orion Compromise: Immediate Actions for Organizations

The SolarWinds Orion compromise, disclosed in December 2020, remains one of the most significant cybersecurity incidents in...

NCSC Warns of Cryptojacking: How Malicious Software is Exploiting Devices for Illicit Cryptocurrency Mining

Blue-Team
Exploitation

NCSC Warns of Cryptojacking: How Malicious Software is Exploiting Devices for Illicit Cryptocurrency Mining

The National Cyber Security Centre (NCSC) has issued a warning about the increasing use of malicious software...

Posts pagination

Previous 1 2 3 4

Malware Analysis

Technical Analysis of Ransom.Win32.LOCKBIT.YXCGD: A Low-Prevalence LockBit Variant

Ransom.Win32.RTMCOMMAND.THKBFBD: Analyzing a Low-Risk but Potent Windows Ransomware Strain

Ransom.Win64.CONTI.AA: Analyzing the Persistent Conti Ransomware Threat

Trojan.W97M.EMOTET.SMI: Analyzing the Persistent Emotet Threat Targeting Windows Systems

Ransom.MSIL.EGOGEN.THEBBBC: Analyzing a Low-Risk but Persistent Ransomware Threat

Ransom.Win32.NOKO.THDABBC: Low-Risk Ransomware with Medium Damage Potential

Ransom.Win32.SPOOSH.THGAGBC: A Low-Risk Ransomware with High Data Exfiltration Risks

Unmasking Prometei: Trend Micro’s MXDR Investigation Reveals Botnet’s Cryptomining Operations

Fake LDAPNightmare PoC Exploit (CVE-2024-49113) Delivers Information-Stealing Malware

HotPage Adware Exploits Microsoft-Signed Driver to Target Chinese Gamers

Inside RedLine Stealer’s Backend: How the Infamous MaaS Operation Worked

ESET Threat Report H2 2024: Rising Infostealers, Deepfake Scams, and Cryptocurrency Threats

You may have missed

Murky Panda APT Exploits Cloud Trust Relationships in Downstream Attacks

U.S. Government Secures 10% Equity Stake in Intel in Unprecedented Deal

Nvidia’s Strategic Pivot: Navigating US Export Controls with New AI Chips for China

APT36 Expands Linux Targeting with Malicious .desktop Files and ClickFix Social Engineering