The Labs team at VMRay actively gathers publicly available data to identify any noteworthy malware developments that demand immediate attention. We complement this effort with our internal tracking and monitor events the security community reports to stay up-to-date with the latest changes in the cybersecurity landscape. In March 2024, the
We’re excited to announce that our new release now supports the advanced data-exchange format, STIX 2.1, enabling other security systems and threat repositories to import more results from VMRay’s analysis reports. This marks a significant leap towards better interoperability and makes sharing threat intelligence more future-proof. While STIX 2.0 was
Introduction The Labs team at VMRay actively gathers publicly available data to identify any noteworthy malware developments that demand immediate attention. We complement this effort with our internal tracking and monitor events the security community reports to stay up-to-date with the latest changes in the cybersecurity landscape. In February 2024,
Three Ransomware attacks and data breaches in the healthcare industry over the last few weeks have been noteworthy. We’ve discussed the first incident that involves the BlackCat Ransomware as a Service (RaaS). Now, let’s continue with the second:the return of LockBit 3.0. Part 3: Rhysida Another ransomware as a service
Three Ransomware attacks and data breaches in the healthcare industry over the last few weeks have been noteworthy. We’ve discussed the first incident that involves the BlackCat Ransomware as a Service (RaaS). Now, let’s continue with the second:the return of LockBit 3.0. Part 2: The End of LockBit? Not So
Ransomware. One word that keeps many IT Administrators and SOC Analysts awake at night. And when it comes to the healthcare industry, the recent ransomware attacks of 2024 have led many IT security practitioners to burn the midnight oil late into the night. Three Ransomware attacks and data breaches in
Introduction The first release of 2024 is already behind us, but we’re not slowing down! We hope you’ve enjoyed the features delivered in recent months, including addressing the QR code phishing attacks, support for the analysis of ISO and UDF filetypes as well as our continuous enhancements and research to
The recent data leak from a Chinese Security Services Company, i-Soon, sent shockwaves through the CTI world. The name “i-Soon” is not new to the researchers monitoring China-nexus private hacking industry. This attention dates back to the US Grand Jury’s indictment o employees from “Chengdu 404” in 2019, where it
Overview Pikabot has posed significant challenges to many Endpoint Detection and Response (EDR) systems through its employment of an advanced technique to hide its malicious activities known as “indirect system calls” (or “indirect syscalls”). This is only one of multiple techniques this family employs to evade detection: Pikabot distinguishes itself
Introduction The VMRay Labs team actively gathers publicly available data to identify any noteworthy malware developments that demand immediate attention. We complement this effort with our internal tracking and monitor events the security community reports to stay up-to-date with the latest changes in the cybersecurity landscape. With this bulk update
Overview The new guide released by the NSA, alongside other agencies including CISA, FBI, DOE, EPA, TSA, and international partners from the UK, Canada, Australia, and New Zealand, addresses the need for improved cyber defense measures against LOTL techniques. This collaboration highlights the global nature of the threat and the
Introduction The VMRay Labs team actively gathers publicly available data to identify any noteworthy malware developments that demand immediate attention. We complement this effort with our internal tracking and monitor events the security community reports to stay up-to-date with the latest changes in the cybersecurity landscape. With this bulk update
Introduction Welcome in 2024! We open up this year with another release of the VMRay Platform, which we’ve been working on in the winter season of 2023. In this blog post, we have some exciting updates to share and a glimpse into the innovations and initiatives that we focused on
Introduction The VMRay Labs team continuously reviews publicly available data to detect significant advancements in malware that require immediate attention. Our internal tracking further reinforces this work as we vigilantly monitor events reported by the security community, ensuring we remain at the forefront of the ever-evolving cybersecurity landscape. In November
The Advent of EDR and the Sandbox Dilemma Endpoint Detection and Response (EDR) solutions emerged with the promise of revolutionizing the cyber defense landscape. Touted as the panacea to malware attacks, EDRs offered both visibility into endpoints and a protective shield against malware threats. They positioned themselves as alternatives to
2023 marks a pivotal year in business evolution. As organizations struggle with the dual challenges of fortifying their security infrastructure and managing operational costs, the attraction of achieving more with less in your SOC becomes paramount. With the surge in unique malware samples to an astonishing 1.5 per minute in
Introduction The Labs team at VMRay actively gathers publicly available data to identify any noteworthy malware developments that demand immediate attention. We complement this effort with our internal tracking and monitor events the security community reports to stay up-to-date with the latest changes in the cybersecurity landscape. In October 2023,
Even decades after the term “phishing” was coined, attackers are still innovating. In the past few weeks, we have seen a stark increase in a tactic referred to as “Quishing”: A form of phishing which abuses QR codes to attack victims. Traditional phishing attacks, which typically involve a malicious email
As we delve deeper into the cybercriminal landscape, infostealer malware remains a pervasive threat, continuing to evolve and adapt to net attackers a wealth of sensitive data. These malicious tools, deftly infiltrating systems, swipe everything from login credentials to credit card details, fueling a thriving black market on the dark
Introduction Recently, we have released the newest version of our platform, which you can check in the latest Release Highlights Blog. At the same time, our Labs team has been working on great signature and detection improvements covered in this article. In the past quarter, our Threat Researchers have focused
Introduction This year is slowly coming to its dawn. Fall leaves from the trees are falling, but it’s not the case for our appetite for threat hunting! We’re always on the lookout for dynamic behavior analysis, unusual or suspicious patterns in network traffic, file and memory analysis, new phishing trends,
Family Overview Beginning November 2022 here at VMRay we noticed increased activity of the Amadey information stealer malware. Monitoring of the threat landscape over the past several months showed this trend in the malware activity continued and the family is active as we speak. Our observations, together with public reports
Download The Report Introduction Having meticulously dissected the intricate delivery methods employed by BumbleBee in our previous blog post, we embarked on a journey through the multifaceted and complex delivery chains that enable its stealthy penetration. From the covert utilization of seemingly innocuous files to ingenious tactics that evade detection,
Introduction The Labs team at VMRay actively gathers publicly available data to identify any noteworthy malware developments that demand immediate attention. We complement this effort with our internal tracking and monitor events the security community reports to stay up-to-date with the latest changes in the cybersecurity landscape. Recently, the VMRay
BumbeBee loader: an overview In March of 2022 a new loader equipped with more than 50 evasion techniques was spotted in the wild: BumbleBee employs a variety of methods to escape detection – from complex delivery chains and hooking-based loading to iterating through a collection of evasion techniques to detect
Keep up to date with our weekly digest of articles. Get the latest news, invites to events, and threat alerts!
