Introduction The VMRay Labs team actively gathers publicly available data to identify any noteworthy malware developments that demand immediate attention. We complement this effort with our internal tracking and monitor events the security community reports to stay up-to-date with the latest changes in the cybersecurity landscape. With this bulk update
Overview The new guide released by the NSA, alongside other agencies including CISA, FBI, DOE, EPA, TSA, and international partners from the UK, Canada, Australia, and New Zealand, addresses the need for improved cyber defense measures against LOTL techniques. This collaboration highlights the global nature of the threat and the
Introduction The VMRay Labs team actively gathers publicly available data to identify any noteworthy malware developments that demand immediate attention. We complement this effort with our internal tracking and monitor events the security community reports to stay up-to-date with the latest changes in the cybersecurity landscape. With this bulk update
Introduction Welcome in 2024! We open up this year with another release of the VMRay Platform, which we’ve been working on in the winter season of 2023. In this blog post, we have some exciting updates to share and a glimpse into the innovations and initiatives that we focused on
Introduction The VMRay Labs team continuously reviews publicly available data to detect significant advancements in malware that require immediate attention. Our internal tracking further reinforces this work as we vigilantly monitor events reported by the security community, ensuring we remain at the forefront of the ever-evolving cybersecurity landscape. In November
The Advent of EDR and the Sandbox Dilemma Endpoint Detection and Response (EDR) solutions emerged with the promise of revolutionizing the cyber defense landscape. Touted as the panacea to malware attacks, EDRs offered both visibility into endpoints and a protective shield against malware threats. They positioned themselves as alternatives to
2023 marks a pivotal year in business evolution. As organizations struggle with the dual challenges of fortifying their security infrastructure and managing operational costs, the attraction of achieving more with less in your SOC becomes paramount. With the surge in unique malware samples to an astonishing 1.5 per minute in
Introduction The Labs team at VMRay actively gathers publicly available data to identify any noteworthy malware developments that demand immediate attention. We complement this effort with our internal tracking and monitor events the security community reports to stay up-to-date with the latest changes in the cybersecurity landscape. In October 2023,
Even decades after the term “phishing” was coined, attackers are still innovating. In the past few weeks, we have seen a stark increase in a tactic referred to as “Quishing”: A form of phishing which abuses QR codes to attack victims. Traditional phishing attacks, which typically involve a malicious email
As we delve deeper into the cybercriminal landscape, infostealer malware remains a pervasive threat, continuing to evolve and adapt to net attackers a wealth of sensitive data. These malicious tools, deftly infiltrating systems, swipe everything from login credentials to credit card details, fueling a thriving black market on the dark
Introduction Recently, we have released the newest version of our platform, which you can check in the latest Release Highlights Blog. At the same time, our Labs team has been working on great signature and detection improvements covered in this article. In the past quarter, our Threat Researchers have focused
Introduction This year is slowly coming to its dawn. Fall leaves from the trees are falling, but it’s not the case for our appetite for threat hunting! We’re always on the lookout for dynamic behavior analysis, unusual or suspicious patterns in network traffic, file and memory analysis, new phishing trends,
Family Overview Beginning November 2022 here at VMRay we noticed increased activity of the Amadey information stealer malware. Monitoring of the threat landscape over the past several months showed this trend in the malware activity continued and the family is active as we speak. Our observations, together with public reports
Download The Report Introduction Having meticulously dissected the intricate delivery methods employed by BumbleBee in our previous blog post, we embarked on a journey through the multifaceted and complex delivery chains that enable its stealthy penetration. From the covert utilization of seemingly innocuous files to ingenious tactics that evade detection,
Introduction The Labs team at VMRay actively gathers publicly available data to identify any noteworthy malware developments that demand immediate attention. We complement this effort with our internal tracking and monitor events the security community reports to stay up-to-date with the latest changes in the cybersecurity landscape. Recently, the VMRay
BumbeBee loader: an overview In March of 2022 a new loader equipped with more than 50 evasion techniques was spotted in the wild: BumbleBee employs a variety of methods to escape detection – from complex delivery chains and hooking-based loading to iterating through a collection of evasion techniques to detect
In the ever-evolving landscape of cybersecurity, tools like VirusTotal can provide invaluable insights. However, as a recent headline-grabbing incident demonstrated, it’s crucial to understand how to use these resources responsibly to avoid accidental data leaks. In today’s evolving cybersecurity landscape, two phrases are gaining traction and for good reason –
Introduction Writing this introduction for the VMRay 2023.3.0 release has been a thrill, considering bringing a significant game-changer to our products. The summer heat in our Bochum headquarters is at its best. To relieve the scorch, we are shipping a long-awaited coolness – Static and Dynamic Analysis of Linux executables.
Overview With our latest release, VMRay Platform version 2023.2, we introduced support for Microsoft OneNote documents, recently abused by multiple threat actors. As announced in a recent blog post, the VMRay Platform continuously extends its capabilities to ensure our product is still able to deal with the the latest trends
Introduction BumbleBee is a fairly new malware loader that targets Windows computers. The initial discovery occurred in March 2022, marking a full year since its emergence. In this blog post, we’ll summarize BumbleBee’s activities, features, and important points based on the research published over the past year. Getting a handle
Overview A new malware family called Stealc was released recently, which is a Spyware designed to copy files, credentials and other sensitive information from the victim’s hard drive and make them available to the attacker. It also employs a variety of techniques to evade detection, including one technique based on
Introduction With this article, we are ready to share a new series of posts that will reveal the latest signature and detection changes. Constant research in threat landscape is vital to VMRay products – DeepResponse, FinalVerdict and TotalInsight – as it allows us to react to the latest malware developments
Introduction With this article, we are ready to share a new series of posts that will reveal the latest signature and detection changes. Constant research in threat landscape is vital to VMRay products – DeepResponse, FinalVerdict and TotalInsight – as it allows us to react to the latest malware developments
Introduction Historically, leveraging shared threat intelligence for malware detection has presented significant challenges to security teams. These challenges stem from the ever-evolving nature of malware threats, as well as the need for timely and accurate intelligence sharing among relevant parties. Traditional hash-based indicators, which rely on precise matches, frequently fall
Keep up to date with our weekly digest of articles. Get the latest news, invites to events, and threat alerts!
join VMRay for two powerhouse webinars designed to sharpen your threat detection and response capabilities — featuring a special joint session with Red Canary:
Live session's over. Watch the on-demand video to learn how VMRay and Red Canary combine forces to deliver faster, smarter threat detection!
Learn how to cut phishing triage time with automated detonation and deep analysis — quickly uncover threats while improving response accuracy!
