Microsoft Security Bulletin Coverage for February 2023

SonicWall Capture Labs threat research team has analyzed and addressed Microsoft’s security advisories for the month of February 2023.

Microsoft OneNote files are widely used to deliver malware payloads

SonicWall RDTMI is detecting a spike in malicious OneNote files being delivered to the victim’s machine as email attachments.

LockBit 3.0 'Black' targets large corps. Operator demands $9M for decryption

LockBit 3.0, also known as LockBit Black, is a ransomware family that operates under the Ransomware-as-a-Service (RaaS) model, where the creators collaborate with affiliates who may not have the resources to create and deploy attacks. […]

Linux Kernel ksmbd Integer Underflow Vulnerability

Overview: SonicWall Capture Labs Threat Research Team has observed the following threat: KSMBD stands for Kernel-based SMB Direct. It’s a Linux kernel module that provides the implementation of the SMBv3 protocol, allowing the Linux kernel […]

Berbew Backdoor Spotted In The Wild

This week, the SonicWall Capture Labs Research team analyzed a sample of Berbew, a trojan that has been seen used in connection with Download.Ject and FormBook to steal user passwords for banking and other financial […]
