-
100 Days of YARA: Writing Signatures for .NET Malware
If YARA signatures for .NET assemblies only rely on strings, they are very limited. We explore more detection opportunities, including IL code, method signature definitions and specific custom attributes. Knowledge about the underlying .NET metadata structures, tokens and streams helps to craft more precise and efficient signatures, even in cases where relevant malware samples might…
-
Unboxing Anubis: Exploring the Stealthy Tactics of FIN7’s Latest Backdoor
In the ever-evolving landscape of advanced persistent threats (APTs), the notorious financial cybercrime group FIN7 has added another sophisticated tool to their arsenal. We have recently discovered a new Python-based backdoor, called “AnubisBackdoor”, being deployed in their latest campaigns. Go to Source
-
Booking a Threat: Inside LummaStealer’s Fake reCAPTCHA
Cybercriminals are taking advantage of the increased demand in travel by setting up fake booking sites, phishing scams and fraudulent listings to trick unsuspecting travelers. Go to Source
-
Malware from fake recruiters
Fake recruiters are currently on the hunt for CVs – and also your data. Reports have emerged about malware being put into work assignments that supposedly test a candidate’s technical skills. Go to Source
-
UK tax authority reveals scammers stole £47 million
Officials from His Majesty’s Revenue & Customs, the U.K.’s tax authority, said criminals took over accounts to pilfer £47 million ($63 million) last year. Go to Source