New Marsilia Ransomware Downloader Found

Overview This week, the SonicWall Capture Labs threat research team analyzed a sample of Marsilia malware, also known as Mallox. This is a multi-stage sample that, when functional, will have a first stage that enumerates […]

Latest DBatLoader Uses Driver Module to Disable AV/EDR Software

Overview Threat actors are continuously evolving their malware code to protect them against security defenses. SonicWall Capture Labs threat research team has observed that the latest variant of DBatLoader has included an old version of […]

Microsoft Outlook Remote Code Execution Vulnerability

Overview SonicWall Capture Labs Threat Research Team became aware of the MonikerLink Remote Code Execution vulnerability (CVE-2024-21413) in Microsoft Outlook, assessed its impact and developed mitigation measures for the vulnerability. Microsoft Outlook is a globally […]

ClamAV ClamD Service

SonicWall Capture Labs Threat Research Team became aware of the ClamAV VirusEvent command injection vulnerability (CVE-2024-20328), assessed its impact, and developed mitigation measures for the vulnerability. ClamAV is a notable, open-source anti-virus engine, widely recognized […]

New LockXX Ransomware Targets Users Who Speak Standard Chinese, English

Overview This week, the SonicWall Capture Labs threat research team analyzed a ransomware targeting users who speak English and Standard Chinese. Its behavior is typical of ransomware – it encrypts the user’s files and provides […]

This post is also available in: Portuguese (Brazil) French German Japanese Korean Spanish