The Hidden Danger of PDF Files with Embedded QR Codes

The SonicWall Capture Labs threat research team has long observed malware authors abusing PDF files with QR codes to deceive users. QR codes are increasingly popular due to their […]

High-Risk Path Traversal in SolarWinds Serv-U

Overview: The SonicWall Capture Labs threat research team became aware of a path traversal vulnerability in SolarWinds Serv-U, assessed its impact and developed mitigation measures. Serv-U server is a solution that provides a secure file […]

New Orcinius Trojan Uses VBA Stomping to Mask Infection

Overview: This week, the SonicWall Capture Labs threat research team investigated a sample of Orcinius malware. This is a multi-stage trojan that uses Dropbox and Google Docs to download second-stage payloads and stay updated. […]

A Deep Dive Into DarkME Rat Malware

DarkMe RAT steals information from victims’ machines and responds to various commands received from its Command and Control (C&C) server. A spike in the distribution of DarkMe RAT was observed in February 2024, exploiting the zero-day (CVE-2024-21412) […]

StrelaStealer Resurgence: Tracking a JavaScript-Driven Credential Stealer Targeting Europe

The SonicWall Capture Labs threat research team has been tracking StrelaStealer for a long time. Recently, in the third week of June, we observed a huge spike in JavaScript spreading StrelaStealer. StrelaStealer specifically steals Outlook […]
