
Malware Analysis Spotlight: The Return of Emotet

After a long time of being inactive, the infamous malware delivery framework Emotet is back – the three Emotet botnets started pushing malicious spam on Friday, July 17. In this Malware Analysis Spotlight, we will take a look at one of the Microsoft Word documents used in the campaign (Figure 1). View the VMRay Analyzer Report for Emotet (July […]


Decoding the Verizon DBIR Report: An Insider’s Look Beyond the Headlines

This blog post was originally posted on Dark Reading. To truly understand cybersecurity trends, we must look beyond the headlines and ask more of the data. What you learn might surprise you. For the past 13 years, Verizon’s “Data Breach Investigations Report” (DBIR) has been the industry’s definitive resource for documenting and benchmarking the global […]


Threat Bulletin: Dissecting GuLoader’s Evasion Techniques

Over the last couple of months, we observed a new downloader called GuLoader (also known as CloudEyE) that has been actively distributed in 2020. In contrast to prototypical downloaders, GuLoader is known to use popular cloud services such as Google Drive, OneDrive and Dropbox to host its encrypted payloads. So far we have seen that GuLoader is being […]


Threat Bulletin: Cutting-off the Command-and-Control Infrastructure of CollectorGoomba

A Primer on Spyware-as-a-Service: The rise in spyware-as-a-service allows cyber-criminals to choose a specialty, whether improving spyware, infecting users, or maximizing the profit derived from stolen information. The business model for spyware-as-a-service starts with an individual or team developing the initial spyware and standing up any necessary infrastructure that the malware relies upon. The […]

