Chaos Ransomware Operator Gives Up Decryption Tool for Free

Overview The SonicWall Capture Labs threat research team has recently been tracking ransomware created using the Chaos ransomware builder. The builder appeared in June 2021 and has been used by many operators to infect victims and […]

Updated StrelaStealer Targeting European Countries

Overview The SonicWall Capture Labs threat research team has observed an updated variant of StrelaStealer. StrelaStealer is an infostealer malware known for targeting Spanish-speaking users that focuses on stealing email account credentials from Outlook and Thunderbird. […]

Progress Kemp LoadMaster Unauthenticated Command Injection Vulnerability

Overview The SonicWall Capture Labs threat research team became aware of a noteworthy vulnerability — an Unauthenticated Command Injection — in Progress Kemp LoadMaster, assessed its impact and developed mitigation measures for it. Kemp Technologies’ […]

New Golang Trojan Installs Certificate for Comms Evasion

Overview This week, the SonicWall Capture Labs threat research team analyzed a new Golang malware sample. It uses multiple geographic checks and publicly available packages to screenshot the system before installing a root certificate to […]

Unpatched PHP Deserialization Vulnerability in Artica Proxy

Overview The SonicWall Capture Labs threat research team became aware of a deserialization vulnerability in the Artica Proxy appliance, assessed its impact and developed mitigation measures. Artica Proxy is a comprehensive proxy solution performing tasks such […]
