New Golang Trojan Installs Certificate for Comms Evasion
Overview This week, the SonicWall Capture Labs threat research team analyzed a new Golang malware sample. It uses multiple geographic checks and publicly available packages to screenshot the system before installing a root certificate to […]
Unpatched PHP Deserialization Vulnerability in Artica Proxy
Overview The SonicWall Capture Labs threat research team became aware of a deserialization vulnerability in the Artica Proxy appliance, assessed its impact and developed mitigation measures. Artica Proxy is a comprehensive proxy solution performing tasks such […]
Lighter Ransomware Locks Users Out of System
Overview This week, the SonicWall Capture Labs threat research team analyzed a ransomware calling itself Lighter Ransomware. Upon execution, it opens up a window with a countdown timer instructing the victim to reach out immediately […]
WhiteSnake Stealer: Unveiling the Latest Version – Less Obfuscated, More Dangerous
Overview The SonicWall Capture Labs threat research team has observed a new variant of WhiteSnake Stealer. This stealer poses significant risks to users and organizations as it can steal critical sensitive data from compromised systems, including […]
LokiBot is Being Distributed by Windows Shortcut Files
Overview The SonicWall RTDMI™ engine has recently detected Windows Shortcut Files (LNKs) inside archives that execute LokiBot malware on the victim’s machine. The malicious LNK file is packed inside an archive along with a […]