Banking & Finance May 8, 2023

How the ZeuS Trojan Info Stealer Changed Cybersecurity

4 min read - Information stealer malware is a type of malicious software designed to collect sensitive information from a victim’s computer. Also known as info stealers, data stealers or data-stealing malware, this software is true to its name: after infecting a computer or…

Incident Response May 1, 2023

How Morris Worm Command and Control Changed Cybersecurity

4 min read - A successful cyberattack requires more than just gaining entry into a victim’s network. To truly reap the rewards, attackers must maintain a persistent presence within the system. After establishing communication with other compromised network devices, actors can stealthily extract valuable…

Application Security January 25, 2023

Kronos Malware Reemerges with Increased Functionality

6 min read - The Evolution of Kronos Malware The Kronos malware is believed to have originated from the leaked source code of the Zeus malware, which was sold on the Russian underground in 2011. Kronos continued to evolve and a new variant of…

Software Vulnerabilities January 17, 2023

Self-Checkout This Discord C2

5 min read - This post was made possible through the contributions of James Kainth, Joseph Lozowski, and Philip Pedersen. In November 2022, during an incident investigation involving a self-checkout point-of-sale (POS) system in Europe, IBM Security X-Force identified a novel technique employed by…

Software Vulnerabilities October 17, 2022

Analysis of a Remote Code Execution (RCE) Vulnerability in Cobalt Strike 4.7.1

9 min read - Command & Control (C2) frameworks are a very sensitive component of Red Team operations. Often, a Red Team will be in a highly privileged position on a target’s network, and a compromise of the C2 framework could lead to a…

June 2, 2020

Trickbot Using BazarBackdoor to Gain Full Access to Targeted Networks

2 min read - Security researchers observed the Trickbot operators using a new backdoor called "BazarBackdoor" to gain full access to targeted networks.

June 1, 2020

Weekly Security News Roundup: Average Ransomware Demand Grew 14 Times in One Year

3 min read - Researchers revealed that the average ransomware demand grew 14 times over a one-year period from 2018 to 2019. Read on to learn what else happened last week in security news.

May 25, 2020

Weekly Security News Roundup: ‘Silent Night’ Malware Reminiscent of ZeuS

3 min read - Researchers observed digital criminals selling a new malware strain based on the ZeuS family called "Silent Night." Read on to learn what else happened last week in security news.

May 12, 2020

Astaroth Trojan Employed YouTube Channels as C&C to Evade Detection

2 min read - A new variant of the Astaroth Trojan family employed YouTube channels for command-and-control (C&C) functionality in order to evade detection.

May 11, 2020

Weekly Security News Roundup: Dacls RAT Begins Targeting Mac Users

3 min read - Security researchers observed a new version of the Lazarus Group's Dacls RAT targeting Mac users via a trojanized 2FA app. Read on to learn what else happened last week in security news.