ANNOUNCEMENT

Resources

Find more information about solutions and services, our technology and research insights, webinars and other resources on a wide array of subject matter.

State of Ransomware

ON-DEMAND

Register to get insights from Cybereason experts on the current state of ransomware and what you can do to prepare for the next ransomware attack.

Watch Now

New Trickbot Variants

Since April 2020, the Cybereason Nocturnus Team has been investigating the emergence of the Bazar malware, a loader and backdoor used to collect data about the infected machine and to deploy additional malware.

Read More

NEW BETABOT CAMPAIGN UNDER THE MICROSCOPE

The Cybereason SOC has detected multiple Betabot infections in customer environments. In this blog, Cybereason researchers study Betabot’s infection chain and self-defense mechanisms using data gathered from customer environments.

Read More

NIGHT OF THE DEVIL: RANSOMWARE OR WIPER? A LOOK INTO TARGETED ATTACKS IN JAPAN USING MBR-ONI

For several months Cybereason has been following the concerning rise of ONI, a family of ransomware involved in targeted attacks against Japanese companies. We suspect that the ONI ransomware was used as a wiper to cover up an elaborate hacking operation.

Read More

LEVERAGING EXCEL DDE FOR LATERAL MOVEMENT VIA DCOM

DDE, or Dynamic Data Exchange, is a legacy interprocess communication mechanism that’s been part of some Windows applications since as early as 1987. DDE enables applications to request items made available by other programs, such as cells in a Microsoft Excel spreadsheet, and be notified of any changes within these items.

Read More

ATTACKERS TURN TO MASQUERADING ICONS TO BOOST PHISHING ATTACK’S SUCCESS

Cybereason has observed thousands of malicious file executions masquerading as a popular programs such as Adobe PDF Reader, MS Word and Chrome. Using familiar icons is meant to deceive users into thinking that the file is legit and safe to open.

Read More

ATTACKERS USE BOTNETS TO BREAK INTO NETWORKS FASTER

No one likes grunt work, including attackers, who have turned to bots to automatically handle menial tasks like exploiting vulnerabilities.

Read More

FAUXPERSKY: CREDSTEALER MALWARE MASQUERADES AS KASPERSKY ANTIVIRUS

Cybereason researchers discovered a credstealer written with AutoHotKey that masquerades as Kaspersky Antivirus and spreads through infected USB drives. We’ve named it Fauxpersky.

Read More

CYBEREASON RESEARCHER DISCOVERS VACCINE FOR BAD RABBIT RANSOMWARE

Cybereason researcher Amit Serper has developed a vaccine to prevent the Bad Rabbit data-encrypting malware from infecting machines.

Read More