A phishing campaign exploiting a bug in Nespresso’s website has been able to evade detection by taking advantage of security tools that fail to look for malicious nested or hidden links. The campaign starts with a phishing email that appears to have been sent from an employee with Bank of America, with a message to […]
Browser fingerprinting is one of many tactics phishing site authors use to evade security checks and lengthen the lifespan of malicious campaigns. While browser fingerprinting has been used by legitimate organizations to uniquely identify web browsers for nearly 15 years, it is now also commonly exploited by cybercriminals: a recent study shows one in four […]
The exploit allowed Lazarus to enhance its FudModule rootkit, enabling it to evade detection and disable security protections. Additionally, a previously undocumented remote access trojan (RAT) used by Lazarus was discovered.
Security experts have unmasked a new trick adopted by the GULOADER malware to evade detection by antivirus software. The highly evasive shellcode downloader malware, which typically spreads through emails bearing ZIP archives or links containing a VBScript file, has been found leveraging Vectored Exception Handler (VEH) capability to make analysis challenging. More in detail According […]
This malware is a Python-based information stealer compressed with cx-Freeze to evade detection. MrAnon Stealer steals its victims’ credentials, system information, browser sessions, and cryptocurrency extensions.
The BlackCat group has yet again added a new tool to its arsenal to evade detection by security solutions offered by different vendors. The attackers have created a new utility called Munchkin that allows them to run the ransomware payload on remote machines, or to encrypt remote Server Message Block (SMB)/Common Internet File Shares (CIFS). […]