Estimated reading time: 4 minutes
Recently, we came across a new banking trojan called Coyote, which utilizes a tool/library called Squirrel Installer, developed to install and manage updates of windows applications. The malware looks more evolved than our normal banking trojans and can potentially...
Estimated reading time: 3 minutes
On Friday, March 29, developer Andres Freund detected unusual behavior in his Debian sid environment. In response, he contacted an open-source security mailing list to report his discovery of an upstream backdoor in the commonly used command-line tool XZ...
Estimated reading time: 4 minutes
Introduction: Originating in March 2023, Abyss Locker, a recently established ransomware operation, has swiftly targeted companies, transforming into a significant threat across various sectors, such as industrial control systems (ICS), enterprises, and public-sector organizations. It poses a significant threat...
Estimated reading time: 5 minutes
Overview: Batloader is not a new malware in the series – it is an emerging one. In our previous blogs, we discussed how Batloader can deploy different types of malware, including stealers and ransomware. We also delved into its...
Estimated reading time: 6 minutes
Cerber is a strain of ransomware that was first identified in early 2016. It is a type of malware that encrypts a victim’s files and demands a ransom for the decryption key needed to unlock the files. Cerber, like...
Estimated reading time: 5 minutes
Overview: In our rapidly advancing technological landscape, cyber threat actors have grown increasingly sophisticated, employing intricate attack chains and malicious applications. They meticulously plan and execute well-defined, strategic attacks that unfold in stages. A typical malware attack comprises various...
Estimated reading time: 11 minutes
SEQRITE Labs APT-Team has discovered multiple campaigns of APT SideCopy, targeting Indian government and defense entities in the past few months. The threat group is now exploiting the recent WinRAR vulnerability CVE-2023-38831 (See our advisory for more details) to...
Estimated reading time: 5 minutes
Our recent research has highlighted the presence of the MedusaLocker ransomware, which first surfaced in mid-2019. Its primary targets are the Hospital and Healthcare industries. MedusaLocker employs AES and RSA encryption techniques to encrypt victims’ data. Technical analysis At...
Estimated reading time: 4 minutes
Openfire is an open-source, real-time collaboration server based on the XMPP (Extensible Messaging and Presence Protocol) protocol. It facilitates instant messaging, group chat, and other real-time communication services. Openfire is popular for its flexibility, scalability, and robust security features....
Estimated reading time: 2 minutes
Overview In the 1990s, as the internet gained popularity, cybercriminals started developing and distributing basic forms of malware, including password stealers. Early stealer malware primarily targeted login credentials and passwords for online services and email accounts. As technology advanced,...