SEARCH
Archive
Attackers Are Signing Malware With Valid Certificates
There used to be a time when malware signed with a legitimate certificate was the mark of a sophisticated, nation-state-backed attacker. Now anyone can have signed malware.
FIN7 Attackers Still in the Water
The FIN7 attack group is still alive and well, despite arrests of some alleged members and intense attention from researchers and law enforcement.
DNSpionage Attackers Deploying New Karkoff Backdoor
The DNSpionage attack group is now using a new backdoor called Karkoff, which may have ties to the OilRig leaks as well.
U.S.-Based Malware Hosting Setup Possibly Tied to Necurs Botnet
Bromium researchers have been tracking a phishing and malware campaign, possibly linked to the Necurs botnet, that uses infrastructure in the U.S.
Researchers Still Unraveling LockerGoga Ransomware
Researchers are still trying to figure out how LockerGoga infects its targets, and what the group behind this damaging ransomware variant really wants. Can't be just money.