Remove state-of-malware-analysis
article thumbnail

The State of Malware Analysis: Advice from the Trenches

Lenny Zeltser

What malware analysis approaches work well? The following discussion–captured as an MP3 audio file –offers friendly advice from 5 malware analysts. 1:05) How has your approach to examining malware changed over the years? (7:17) 7:17) What role do automated sandboxes play in the analysis process? (14:30)

Malware 91
article thumbnail

GitCaught campaign relies on Github and Filezilla to deliver multiple malware

Security Affairs

Researchers discovered a sophisticated cybercriminal campaign by Russian-speaking threat actors that used GitHub to distribute malware. Recorded Future’s Insikt Group discovered a sophisticated cybercriminal campaign by Russian-speaking threat actors from the Commonwealth of Independent States (CIS).

Malware 94
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Expert warns of Turtle macOS ransomware

Security Affairs

The popular cyber security researcher Patrick Wardle published a detailed analysis of the new macOS ransomware Turtle. Wardle pointed out that since Turtle was uploaded on Virus Total, it was labeled as malicious by 24 anti-malware solutions, suggesting it is not a sophisticated threat. concludes the analysis. Troj.Undef”).

article thumbnail

Ukrainian Blackjack group used ICS malware Fuxnet against Russian targets

Security Affairs

The Ukrainian hacking group Blackjack used a destructive ICS malware dubbed Fuxnet in attacks against Russian infrastructure. ” states the website. ” reads the analysis published by Claroty. ” reads the analysis published by Claroty. Access to 112 Emergency Service. YouTube Video 1 , YouTube Video 2 ).

Malware 124
article thumbnail

North Korea-linked Kimsuky APT attack targets victims via Messenger

Security Affairs

North Korea-linked Kimsuky APT group employs rogue Facebook accounts to target victims via Messenger and deliver malware. Researchers at Genius Security Center (GSC) identified a new attack strategy by the North Korea-linked Kimsuky APT group and collaborated with the Korea Internet & Security Agency (KISA) for analysis and response.

Malware 103
article thumbnail

MITRE attributes the recent attack to China-linked UNC5221

Security Affairs

MITRE has shared more details on the recent hack , including the new malware involved in the attack and a timeline of the attacker’s activities. According to the MITRE Corporation, a nation-state actor breached its systems in January 2024 by chaining two Ivanti Connect Secure zero-day vulnerabilities (CVE-2023-46805 and CVE-2024-21887).

Malware 99
article thumbnail

More SolarWinds News

Schneier on Security

Microsoft analyzed details of the SolarWinds attack: Microsoft and FireEye only detected the Sunburst or Solorigate malware in December, but Crowdstrike reported this month that another related piece of malware, Sunspot , was deployed in September 2019, at the time hackers breached SolarWinds’ internal network.