Malware authors are continuously evolving their tactics to evade detection by security tools, and sandbox evasion techniques are a critical component of this cat-and-mouse game. In this comprehensive article, we’ll delve into the intricate details of the three primary categories of sandbox evasion techniques employed by modern malware, shedding light
Introduction As the popularity of Linux and UNIX-like operating systems has grown, so too has the attention from malicious actors seeking to exploit vulnerabilities. With the increasing adoption of these systems in various industries, they have become lucrative targets for cyber attacks. Consequently, the belief that Linux is immune to
The first step in defending your business against phishing is making sure that your employees know that these attacks exist and what they consist of. VMRay’s Abuse Mailbox enables Enterprise, MSSP and MDR SOC teams to create a dedicated mailbox hosted by VMRay solutions, allowing each client’s employees to forward
As technology advances, email phishing campaigns continue to improve in sophistication, emphasizing the need for vigilance and awareness. The recent spate of ransomware attacks on US healthcare has shown major chinks in the armor of many an organization’s security stack. Zero-Day malware, if unchecked, can bring an organization quickly to
As technology advances, phishing campaigns continue to improve in sophistication, emphasizing the need for vigilance and awareness. The recent spate of ransomware attacks on US healthcare has shown major chinks in the armor of many an organization’s security stack. Zero-Day malware, if unchecked, can bring an organization quickly to its
The Labs team at VMRay actively gathers publicly available data to identify any noteworthy malware developments that demand immediate attention. We complement this effort with our internal tracking and monitor events the security community reports to stay up-to-date with the latest changes in the cybersecurity landscape. In March 2024, the
We’re excited to announce that our new release now supports the advanced data-exchange format, STIX 2.1, enabling other security systems and threat repositories to import more results from VMRay’s analysis reports. This marks a significant leap towards better interoperability and makes sharing threat intelligence more future-proof. While STIX 2.0 was
Introduction The Labs team at VMRay actively gathers publicly available data to identify any noteworthy malware developments that demand immediate attention. We complement this effort with our internal tracking and monitor events the security community reports to stay up-to-date with the latest changes in the cybersecurity landscape. In February 2024,
Three Ransomware attacks and data breaches in the healthcare industry over the last few weeks have been noteworthy. We’ve discussed the first incident that involves the BlackCat Ransomware as a Service (RaaS). Now, let’s continue with the second: the return of LockBit 3.0. Part 3: Rhysida Another ransomware as a service
Three Ransomware attacks and data breaches in the healthcare industry over the last few weeks have been noteworthy. We’ve discussed the first incident that involves the BlackCat Ransomware as a Service (RaaS). Now, let’s continue with the second: the return of LockBit 3.0. Part 2: The End of LockBit? Not So
Ransomware. One word that keeps many IT Administrators and SOC Analysts awake at night. And when it comes to the healthcare industry, the recent ransomware attacks of 2024 have led many IT security practitioners to burn the midnight oil late into the night. Three Ransomware attacks and data breaches in
Introduction The first release of 2024 is already behind us, but we’re not slowing down! We hope you’ve enjoyed the features delivered in recent months, including addressing the QR code phishing attacks, support for the analysis of ISO and UDF filetypes as well as our continuous enhancements and research to
The recent data leak from a Chinese Security Services Company, i-Soon, sent shockwaves through the CTI world. The name “i-Soon” is not new to the researchers monitoring the China-nexus private hacking industry. This attention dates back to the US Grand Jury’s indictment of employees from “Chengdu 404” in 2019, where it
Overview Pikabot has posed significant challenges to many Endpoint Detection and Response (EDR) systems through its employment of an advanced technique to hide its malicious activities known as “indirect system calls” (or “indirect syscalls”). This is only one of multiple techniques this family employs to evade detection: Pikabot distinguishes itself
Introduction The VMRay Labs team actively gathers publicly available data to identify any noteworthy malware developments that demand immediate attention. We complement this effort with our internal tracking and monitor events the security community reports to stay up-to-date with the latest changes in the cybersecurity landscape. With this bulk update
Overview The new guide released by the NSA, alongside other agencies including CISA, FBI, DOE, EPA, TSA, and international partners from the UK, Canada, Australia, and New Zealand, addresses the need for improved cyber defense measures against LOTL techniques. This collaboration highlights the global nature of the threat and the
Introduction The VMRay Labs team actively gathers publicly available data to identify any noteworthy malware developments that demand immediate attention. We complement this effort with our internal tracking and monitor events the security community reports to stay up-to-date with the latest changes in the cybersecurity landscape. With this bulk update
Introduction Welcome to 2024! We open up this year with another release of the VMRay Platform, which we’ve been working on in the winter season of 2023. In this blog post, we have some exciting updates to share and a glimpse into the innovations and initiatives that we focused on
Introduction The VMRay Labs team continuously reviews publicly available data to detect significant advancements in malware that require immediate attention. Our internal tracking further reinforces this work as we vigilantly monitor events reported by the security community, ensuring we remain at the forefront of the ever-evolving cybersecurity landscape. In November
The Advent of EDR and the Sandbox Dilemma Endpoint Detection and Response (EDR) solutions emerged with the promise of revolutionizing the cyber defense landscape. Touted as the panacea to malware attacks, EDRs offered both visibility into endpoints and a protective shield against malware threats. They positioned themselves as alternatives to
2023 marks a pivotal year in business evolution. As organizations struggle with the dual challenges of fortifying their security infrastructure and managing operational costs, the attraction of achieving more with less in your SOC becomes paramount. With the surge in unique malware samples to an astonishing 1.5 per minute in
Introduction The Labs team at VMRay actively gathers publicly available data to identify any noteworthy malware developments that demand immediate attention. We complement this effort with our internal tracking and monitor events the security community reports to stay up-to-date with the latest changes in the cybersecurity landscape. In October 2023,
Even decades after the term “phishing” was coined, attackers are still innovating. In the past few weeks, we have seen a stark increase in a tactic referred to as “Quishing”: A form of phishing which abuses QR codes to attack victims. Traditional phishing attacks, which typically involve a malicious email
As we delve deeper into the cybercriminal landscape, infostealer malware remains a pervasive threat, continuing to evolve and adapt to net attackers a wealth of sensitive data. These malicious tools, deftly infiltrating systems, swipe everything from login credentials to credit card details, fueling a thriving black market on the dark
Introduction Recently, we have released the newest version of our platform, which you can check in the latest Release Highlights Blog. At the same time, our Labs team has been working on great signature and detection improvements covered in this article. In the past quarter, our Threat Researchers have focused
Introduction This year is slowly coming to its dawn. Fall leaves from the trees are falling, but it’s not the case for our appetite for threat hunting! We’re always on the lookout for dynamic behavior analysis, unusual or suspicious patterns in network traffic, file and memory analysis, new phishing trends,