Malicious actors have backdoored the installer associated with courtroom video recording software developed by Justice AV Solutions (JAVS) to deliver malware that's associated with a known implant called RustDoor.
The software supply chain attack, tracked as CVE-2024-4978 (CVSS score: 8.7), impacts JAVS Viewer v8.3.7, a component of the JAVS Suite 8 that allows users to create,
Sandboxes are synonymous with dynamic malware analysis. They help to execute malicious files in a safe virtual environment and observe their behavior. However, they also offer plenty of value in terms of static analysis. See these five scenarios where a sandbox can prove to be a useful tool in your investigations.
Detecting Threats in PDFs
PDF files are frequently exploited by threat actors to
A new phishing campaign is leveraging decoy Microsoft Word documents as bait to deliver a backdoor written in the Nim programming language.
"Malware written in uncommon programming languages puts the security community at a disadvantage as researchers and reverse engineers' unfamiliarity can hamper their investigation," Netskope researchers Ghanashyam Satpathy and Jan Michael Alcantara 
Malware analysis encompasses a broad range of activities, including examining the malware's network traffic. To be effective at it, it's crucial to understand the common challenges and how to overcome them. Here are three prevalent issues you may encounter and the tools you'll need to address them.
Decrypting HTTPS traffic
Hypertext Transfer Protocol Secure (HTTPS), the protocol for secure
Organizations in the Middle East, Africa, and the U.S. have been targeted by an unknown threat actor to distribute a new backdoor called Agent Racoon.
"This malware family is written using the .NET framework and leverages the domain name service (DNS) protocol to create a covert channel and provide different backdoor functionalities," Palo Alto Networks Unit 42 researcher Chema Garcia
Welcome to a world where Generative AI revolutionizes the field of cybersecurity.
Generative AI refers to the use of artificial intelligence (AI) techniques to generate or create new data, such as images, text, or sounds. It has gained significant attention in recent years due to its ability to generate realistic and diverse outputs.
When it comes to security operations, Generative AI can
Phishing attacks are steadily becoming more sophisticated, with cybercriminals investing in new ways of deceiving victims into revealing sensitive information or installing malicious software. One of the latest trends in phishing is the use of QR codes, CAPTCHAs, and steganography. See how they are carried out and learn to detect them.
Quishing
Quishing, a phishing technique resulting from the
Cybersecurity researchers have warned about a Windows version of a wiper malware that was previously observed targeting Linux systems in cyber attacks aimed at Israel.
DubbedΒ BiBi-Windows WiperΒ by BlackBerry, the wiper is the Windows counterpart ofΒ BiBi-Linux Wiper, which has been put to use by a pro-Hamas hacktivist group in the wake of the Israel-Hamas war last month.
"The Windows variant [...
XWorm is a relatively new representative of the remote access trojan cohort that has already earned its spot among the most persistent threats across the globe.Β
Since 2022, when it was first observed by researchers, it has undergone a number of major updates that have significantly enhanced its functionality and solidified its staying power.Β
The analyst team atΒ ANY.RUNΒ came across the newest
Remote Access Trojans (RATs) have taken the third leading position in ANY. RUN'sΒ Q1 2023 reportΒ on the most prevalent malware types, making it highly probable that your organization may face this threat.
Though LimeRAT might not be the most well-known RAT family, its versatility is what sets it apart. Capable of carrying out a broad spectrum of malicious activities, it excels not only in data
Malware analysis is an essential part of security researcher's work. But working with malicious samples can be dangerous β it requires specialized tools to record their activity, and a secure environment to prevent unintended damage.
However, manual lab setup and configuration can prove to be a laborious and time-consuming process.
In this article, we'll look at 4 ways to create a reverse
Login
FreshRSS