
Who Needs Macros? | Threat Actors Pivot to Abusing Explorer and Other LOLBins via Windows Shortcuts
Crimeware vendors say 'macros are dead', but they have a new weapon to help threat actors successfully deploy malware.
The self-proclaimed 'oldest ransomware affiliate on the planet' has new tricks and new features and continues to beat enterprise defenses.
Software developers using GitLab CI are being targeted with malware through a typosquatting attack, putting downstream users at risk.
Long-running LockBit ransomware attempts to evade Windows ETW, AMSI and EDR by leveraging a legitimate VMware logging command-line utility.
Nemty developers have created a new, flawed update to the Karma ransomware variant in a bid to avoid detection and mislead attribution.
What really happened to Evil Corp after the OFAC sanctions? Did they cut and run, or are they still operating with impunity?
With victims in the US, Australia and India, BlackCat is a new RaaS making a big impact. Learn more about this unique ransomware's behavior and IoCs.
Scavenging code leaked from Babuk, Rook hit a bank as its first victim, with the theft of 1123 GB of data. Learn more about this new ransomware operator.
New ransomware operator publishes victim details even if they pay. Our technical analysis shows how Spook is connected to other well-known malware families.
Exploring the links between Karma and other well-known malware families such as NEMTY and JSWorm, we find further IoCs and an evolving threat.