Apr 18, 2024NewsroomIncident Response / Cyber Espionage Select Ukrainian government networks have remained infected with a malware called OfflRouter since 2015. Cisco Talos said its findings are based on an analysis of over 100 confidential documents that were infected with the VBA macro virus and uploaded to the VirusTotal malware scanning platform. "The documents contained … [Read more...] about OfflRouter Malware Evades Detection in Ukraine for Almost a Decade
Evades
Glupteba Botnet Evades Detection with Undocumented UEFI Bootkit
Feb 13, 2024NewsroomCryptocurrency / Rootkit The Glupteba botnet has been found to incorporate a previously undocumented Unified Extensible Firmware Interface (UEFI) bootkit feature, adding another layer of sophistication and stealth to the malware. "This bootkit can intervene and control the [operating system] boot process, enabling Glupteba to hide itself and create a … [Read more...] about Glupteba Botnet Evades Detection with Undocumented UEFI Bootkit
New GootLoader Malware Variant Evades Detection and Spreads Rapidly
Nov 07, 2023NewsroomEndpoint Security / Malware A new variant of the GootLoader malware called GootBot has been found to facilitate lateral movement on compromised systems and evade detection. "The GootLoader group's introduction of their own custom bot into the late stages of their attack chain is an attempt to avoid detections when using off-the-shelf tools for C2 such as … [Read more...] about New GootLoader Malware Variant Evades Detection and Spreads Rapidly
Evades Macro Security via OneNote Attachments
Mar 20, 2023Ravie LakshmananEndpoint Security / Email Security The notorious Emotet malware, in its return after a short hiatus, is now being distributed via Microsoft OneNote email attachments in an attempt to bypass macro-based security restrictions and compromise systems. Emotet, linked to a threat actor tracked as Gold Crestwood, Mummy Spider, or TA542, continues to be a … [Read more...] about Evades Macro Security via OneNote Attachments