Towards the end of 2022, researchers at SOCRadar recognized a relatively
new cyber gang, Royal, as the most active ransomware threat. Attacks
linked to Royal Ransomware have impacted a diverse pool of victims
across many geographical regions and mult...
Earlier this Fall, the Cybersecurity & Infrastructure Security Agency
(CISA) released an Alert Bulletin detailing campaigns perpetrated by
several advance persistent threat (APT) groups against a Defense
organization(1) . While several of the tools h...
Authors: Darren McCutchen, Jeeth Mathai, Manoj Pilli Background:
QuasarRAT is an open-source .NET remote administration tool. Although
originally created for legitimate functions (ex: remotely
troubleshooting a corporate laptop), it has been adopted ...
In December of 2021, Intezer discovered a novel multi-platform
malware[i]. Dubbed SysJoker, this backdoor written in C++ has the
ability to infect Windows, Linux, and MacOS systems. In analyzed
attacks, all 3 versions of the malware were seen to have...
Threat Analysis: Detecting “Follina” (CVE-2022-30190) RCE Vulnerability
with Netwitness Endpoint By: Darren McCutchen and Cody Spooner UPDATE -
Microsoft has included a patch for CVE-2022-30190 with the release of
their June 14, 2022 Security update,...
