Google script being abused for Cryptocurrency fraud
SonicWall Capture Labs Research team has discovered an ongoing instance of cryptocurrency fraud that utilizes legitimate Google services, specifically Google Script macros. Threat actors intentionally target these platforms because they are both convenient to use […]
Barracuda ES Gateway Reverse Shell Vulnerability
Overview: SonicWall Capture Labs Threat Research Team has observed the following threat: The Barracuda Email Security Gateway is a comprehensive email security solution developed to safeguard businesses from a multitude of email threats such as […]
Minimal permissions are adequate for fraudulent Android financial applications
SonicWall Capture Labs Threat research team recently discovered a campaign requesting users to provide their card details on a fraudulent bank application under the pretense of claiming rewards points. Additionally, they persuade users to enable […]
Amadey Malware Has Improved Its String Decoding Algorithm
SonicWall Capture Labs Research team recently observed a new variant of Amadey malware. Amadey is a botnet with main objective of stealing sensitive information and to inject additional payload by receiving the commands from command & control server. In this variant we observed that it has modified its string decoding algorithm.
Microsoft Security Bulletin Coverage for June 2023
SonicWall Capture Labs threat research team has analyzed and addressed Microsoft’s security advisories for the month of June 2023.
CrushFTP Server-Side Template Injection (SSTI)May 1, 2024 - 9:45 am- Fake Windows Explorer Installs a Crypto MinerApril 30, 2024 - 3:39 pm
Vintage Bugs: Data Shows Old Vulnerabilities Still Menace...April 30, 2024 - 1:00 am- Android Remote Access Trojan Equipped to Harvest Creden...April 29, 2024 - 11:32 am
This post is also available in: Portuguese (Brazil) French German Japanese Korean Spanish