New variant of the shellcode malware GuLoader spotted in the wild

For the last few weeks, SonicWall RTDMI has been detecting a surge of VBScript files that download and execute GuLoader shellcode on the victim’s machine.

phpIPAM SQL Injection Vulnerability

Overview: SonicWall Capture Labs Threat Research Team has observed the following threat: phpIPAM is a free and open-source web-based IP address management (IPAM) software application. It is designed to help organizations efficiently manage their IP […]

Android malware steals your Google Authenticator codes

The SonicWall Capture Labs Threat Research team came across a malware campaign that steals device information, card information, and Google Authenticator codes on Android devices. This malware uses famous Android app icons to mislead users and trick victims into installing the malicious app on their device.

OneNote files are being used to deliver fileless backdoor

The malicious OneNote file detected by SonicWall RTDMI is not detected by any security providers available on popular threat intelligence sharing portals such as VirusTotal and ReversingLabs.

Latest Threat Intelligence Reveals Rising Tide of Cryptojacking

Threat actors looking for a steadier (and stealthier) income stream pushed cryptojacking to record highs in 2022. Late February was a wake-up call for anyone who still thought it was a good idea to illegally […]
