Analysis of Native Process CLR Hosting Used by AgentTesla
Overview SonicWall Capture Labs threat research team has observed fileless .Net managed code injection in a native 64-bit process. Native code or unmanaged code refers to low-level compiled code such as C/C++. Managed code refers […]
HydraCrypt Ransomware Targets Brazil and Charges $5,000 for Decryption
Overview The SonicWall Capture Labs threat research team has recently been tracking ransomware known as HydraCrypt. HydraCrypt originates from the CryptBoss ransomware family and was first seen in early 2016. The sample that we analyzed […]
Atlassian’s Confluence Server Unauthenticated Remote Code Execution
Overview The SonicWall Capture Labs threat research team became aware of a noteworthy vulnerability—an Unauthenticated Template Injection —in Atlassian Confluence platforms, assessed its impact and developed mitigation measures for it. Atlassian’s Confluence Server and Data […]
SonicWall DPI-SSL: Encryption Has Met Its Match
Encryption is a fundamental building block in the secure operation of the internet. It protects the confidentiality and integrity of information transmitted over the network, preventing unauthorized third parties from accessing sensitive data. The need […]
Microsoft Security Bulletin Coverage for April 2024
Overview Microsoft’s April 2024 Patch Tuesday has 147 vulnerabilities, 68 of which are Remote Code Execution (RCE) vulnerabilities. The SonicWall Capture Labs threat research team has analyzed and addressed Microsoft’s security advisories for April 2024 […]
Analysis of Native Process CLR Hosting Used by AgentTes...April 23, 2024 - 2:15 pm- HydraCrypt Ransomware Targets Brazil and Charges $5,000...April 22, 2024 - 12:39 pm
- Atlassian’s Confluence Server Unauthenticated Remote Code...April 19, 2024 - 2:24 pm
SonicWall DPI-SSL: Encryption Has Met Its MatchApril 10, 2024 - 3:48 pm
This post is also available in: Portuguese (Brazil) French German Japanese Korean Spanish Chinese (Simplified)