XLoader’ Cross-platform Support Utilizing XBinder From the VMRay Labs Team Introduction Lately, a rebranded version of the stealer FormBook named XLoader has emerged. In contrast to FormBook, which targets Windows only, XLoader supports macOS as well. During our research, we observed Office documents, which exploit vulnerabilities in MS Office products,
Phishing Kit Kuzuluy Impersonating Paypal In this Malware Analysis Spotlight, we will take a look at a phishing kit related to Kuzuluy, also known as KuzuluyArt. According to Twitter user MaelSecurity, there was a Phishing-as-a-Service associated with Kuzuluy impersonating PayPal in late 2019. At the time of our research, the
For organizations of all sizes, cyber attacks are not a matter of if, but when. Given that an organization is going to experience security incidents, attacks and even breaches, a cyber incident response team and plan is critical. In a sophisticated threat landscape, what are the key considerations to building
As the cyber-threat landscape evolves and data breaches become more common, incident response has become more critical than ever. A CSIRT (Computer Security Incident Response Team) is a body of people assigned with the responsibility of responding to and minimizing the impact of any incidents that affect the organization. This
When it comes to incident response, the quicker a business deals with the threat, the better. It’s not just about being able to respond in a timely manner, it’s also about having the right persons and plan in place to deal with the event effectively. How to Build An Effective
Today, organizations of all sizes now become targets of cyber threats. There is always the ominous risk that cybercriminals can gain access to an organization’s network – which is still, despite all efforts of moving data to the cloud, the central backbone of many organizations’ infrastructure. Once an attacker is
Introduction In this Malware Analysis Spotlight, we will take a look at a phishing attempt targeting customers of the popular US-based bank Chase. We discovered the URL of the phishing page at the end of March 2021 and found several similar pages. The phishing page uses JQuery and Ajax to
Introduction In this Malware Analysis Spotlight, we’ll share our research about a phishing kit that was used at the end of March to steal banking information of Polish users of the OnLine eXchange (OLX) trading platform. We are referring to the phishing kit as Blackhat_Coder based on the Telegram user
Introduction In this Malware Analysis Spotlight, we’ll share our research about a phishing kit that was used at the end of March to steal banking information of Polish users of the OnLine eXchange (OLX) trading platform. We are referring to the phishing kit as Blackhat_Coder based on the Telegram user
Hancitor can be grouped into the category of downloaders that are often responsible for delivering further malware families into a compromised network. Recently, it has been observed delivering the Ficker Stealer, Cobalt Strike, and the Cuba ransomware among others. It is usually distributed to the victim via malicious spam campaigns
Keep up to date with our weekly digest of articles. Get the latest news, invites to events, and threat alerts!
