New Golang Trojan Installs Certificate for Comms Evasion

Overview: This week, the SonicWall Capture Labs threat research team analyzed a new Golang malware sample. It uses multiple geographic checks and publicly available packages to screenshot the system before installing a root certificate to […]

Unpatched PHP Deserialization Vulnerability in Artica Proxy

Overview: The SonicWall Capture Labs threat research team became aware of a deserialization vulnerability in the Artica Proxy appliance, assessed its impact and developed mitigation measures. Artica Proxy is a comprehensive proxy solution performing tasks such […]

Lighter Ransomware Locks Users Out of System

Overview: This week, the SonicWall Capture Labs threat research team analyzed a ransomware calling itself Lighter Ransomware. Upon execution, it opens up a window with a countdown timer instructing the victim to reach out immediately […]

WhiteSnake Stealer: Unveiling the Latest Version – Less Obfuscated, More Dangerous

Overview: The SonicWall Capture Labs threat research team has observed a new variant of WhiteSnake Stealer. This stealer poses significant risks to users and organizations as it can steal critical sensitive data from compromised systems, including […]

LokiBot is Being Distributed by Windows Shortcut Files

Overview: The SonicWall RTDMI™ engine has recently detected Windows Shortcut Files (LNKs) inside archives that execute LokiBot malware on the victim’s machine. The malicious LNK file is packed inside an archive along with a […]
