Today we have one of a sample had been linked to APT34, based on CheckPoint report. “In this latest campaign from January, a document submitted to VirusTotal from Lebanon (a common target for APT34), also depicts such a job opportunity document, although in this case we were unable to confirm…

The sample is part of spear-phishing campaign was targeting Gambling organization(support teams). Some of Cyber security companies link the attacks to APT27 group. Weapon :

ZLoader is a variant of the Zeus malware (Trojan) that hit the banking industry beginning in 2006. Before 2020, it was last seen in the summer of 2018. …

Thehackernews On Tuesday published news about CVE-2021–40444 “Microsoft on Tuesday warned of an actively exploited zero-day flaw impacting Internet Explorer that’s being used to hijack vulnerable Windows systems by leveraging weaponized Office documents.”. They mentioned twitter account who reported the 0-day to Microsoft.

After receiveing an email about ThanOS new ransomware,I downloaded one of ThanOS version to understand behavior and new techniques used. As per Nyntron Company mentioned the new technique used on ThanOS was bypassing almost AV,EDR and Microsoft security tools. “In January 2020, while using the Recorded Future® Platform to monitor…

Just you can imagen yourself on last hours before starting weekend and your company hits by one of the biggest ransomware on the world. Twitter and global news spoken about attack. A lot of companies wrote about Incident Response for Kaseya Ransomware case. How the threat actor bypass authentication on…

After reviewing report from Center for Internet Security(CIS) for 10 Top malware on 2020. The curiosity took me to analyze Dridex malware for knowing why it was the first malware on CIS report. Dridex is a banking trojan that uses malicious macros in Microsoft Office with either malicious embedded links…