Fake Windows Explorer Installs a Crypto Miner
Overview This week the SonicWall Capture Labs threat research team came across a sample purporting to be Windows Explorer. At a glance, everything checks out – it uses the legitimate Windows Explorer icon and the […]
Android Remote Access Trojan Equipped to Harvest Credentials
Overview The SonicWall Capture Labs threat research team has been regularly sharing information about malware targeting Android devices. We’ve encountered similar RAT samples before, but this one includes extra commands and phishing attacks designed to […]
GitLab XSS Via Autocomplete Results
Overview The SonicWall Capture Labs threat research team became aware of a cross-site scripting vulnerability in GitLab, assessed its impact and developed mitigation measures. GitLab, an open-source code-sharing platform, published an advisory on this vulnerability […]
Analysis of Native Process CLR Hosting Used by AgentTesla
Overview SonicWall Capture Labs threat research team has observed fileless .Net managed code injection in a native 64-bit process. Native code or unmanaged code refers to low-level compiled code such as C/C++. Managed code refers […]
HydraCrypt Ransomware Targets Brazil and Charges $5,000 for Decryption
Overview The SonicWall Capture Labs threat research team has recently been tracking ransomware known as HydraCrypt. HydraCrypt originates from the CryptBoss ransomware family and was first seen in early 2016. The sample that we analyzed […]
MICROSOFT SECURITY BULLETIN COVERAGE FOR MAY 2024May 14, 2024 - 11:52 pm
RSAC 2024: Don’t Call It a Comeback, We’ve Been Here...May 14, 2024 - 2:15 pm
Experience Seamless Onboarding with SonicExpress 2.4.0May 14, 2024 - 12:04 pm- Remcos Is Pairing with PrivateLoader to Extend Its Capa...May 14, 2024 - 11:06 am
This post is also available in: Portuguese (Brazil) French German Japanese Korean Spanish