In the ever-evolving landscape of cybersecurity, tools like VirusTotal can provide invaluable insights. However, as a recent headline-grabbing incident demonstrated, it’s crucial to understand how to use these resources responsibly to avoid accidental data leaks. In today’s evolving cybersecurity landscape, two phrases are gaining traction and for good reason –
Overview With our latest release, VMRay Platform version 2023.2, we introduced support for Microsoft OneNote documents, recently abused by multiple threat actors. As announced in a recent blog post, the VMRay Platform continuously extends its capabilities to ensure our product is still able to deal with the the latest trends
Introduction BumbleBee is a fairly new malware loader that targets Windows computers. The initial discovery occurred in March 2022, marking a full year since its emergence. In this blog post, we’ll summarize BumbleBee’s activities, features, and important points based on the research published over the past year. Getting a handle
Overview A new malware family called Stealc was released recently, which is a Spyware designed to copy files, credentials and other sensitive information from the victim’s hard drive and make them available to the attacker. It also employs a variety of techniques to evade detection, including one technique based on
Introduction Historically, leveraging shared threat intelligence for malware detection has presented significant challenges to security teams. These challenges stem from the ever-evolving nature of malware threats, as well as the need for timely and accurate intelligence sharing among relevant parties. Traditional hash-based indicators, which rely on precise matches, frequently fall
Introduction As threat actors continue to evolve their tactics for distributing malware, we’ve been hard at work to stay on top of the latest trends to ensure VMRay platform can effectively analyze new file formats. One such attack trend that has gained popularity among threat actors is OneNote attachments. Microsoft
Introduction Just before closing off the year 2022, a new ransomware called CatB appeared on VirusTotal. Compared to other ransomware, this new malware family gets shipped with unique characteristics that make this recent market joiner interesting: Before the ransomware is executed, its loader component performs basic evasion checks to ensure
Introduction In April of 2022 we’ve observed new Emotet samples which implemented considerable changes to the way they store and decode their configuration. For Emotet, the relevant information stored in a config file is the IP address and a port number. Each of them is stored in the form of
Keep up to date with our weekly digest of articles. Get the latest news, invites to events, and threat alerts!
