HackDig : Dig high-quality web security articles

What is fileless malware?

Unlike traditional malware, which relies on a file being written to a disk, fileless malware is intended to be memory resident only, ideally leaving no trace after its execution. The malicious payload exists in the computer’s memory, which means nothing is ever written directly to the hard drive. For an attacker, fileless malware has two major advantages:
Publish At:2021-10-28 10:15 | Read:1152 | Comments:0 | Tags:Explained attack surface CactusTorch credentials dropper exf

German users targeted with Gootkit banker or REvil ransomware

This blog post was authored by Hasherezade and Jérôme Segura. On November 23, we received an alert from a partner about a resurgence of Gootkit infections in Germany. Gootkit is a very capable banking Trojan that has been around since 2014 and possesses a number of functionalities such as keystroke or video recording designed to steal financially-related i
Publish At:2020-11-30 14:30 | Read:2527 | Comments:0 | Tags:Malware Threat analysis banker fileless german germany gootk

New Attack Abused Windows Error Reporting Service to Evade Detection

Security researchers came across a new attack that abused the Windows Error Reporting (WER) service in order to evade detection. Malwarebytes observed that the attack began with a .ZIP file containing “Compensation manual.doc.” The security firm reasoned that those responsible for this attack had likely used spear-phishing emails to distribute the document, a
Publish At:2020-10-06 13:55 | Read:1630 | Comments:0 | Tags:IT Security and Data Protection Latest Security News fileles

Netwalker Fileless Ransomware Injected via Reflective Loading

By Karen Victor. Threat actors are continuously creating more sophisticated ways for malware to evade defenses. We have observed Netwalker ransomware attacks that involve malware that is not compiled, but written in PowerShell and executed directly in memory without storing the actual ransomware binary on disk. This makes this ransomware variant a f
Publish At:2020-05-24 07:47 | Read:2097 | Comments:0 | Tags:Malware Ransomware fileless Netwalker ransomware

Analyzing the Fileless, Code-injecting SOREBRECT Ransomware

By Buddy Tancio (Threats Analyst). Fileless threats and ransomware aren’t new, but malware that combines their characteristics can be dangerous. Take for instance the fileless, code-injecting ransomware we’ve uncovered—SOREBRECT, which Trend Micro detects as RANSOM_SOREBRECT.A and RANSOM_SOREBRECT.B. We first encountered SOREBRECT durin
Publish At:2017-06-15 21:20 | Read:22276 | Comments:0 | Tags:Ransomware Code Injection fileless PsExec ransomware SOREBRE

Fileless Infections: An Overview

To date, there are a number of so-called fileless infections. By fileless infections or fileless malware, we are referring to an infection or malware that does not write any files to the infected system’s hard drive. By leaving as few traces behind as possible, malware authors try to postpone detection by security vendors for as long as possible. Which is
Publish At:2016-03-30 07:45 | Read:10458 | Comments:0 | Tags:Cybercrime Malware Security Threat exploit fileless kovter p

Without a Trace: Fileless Malware Spotted in the Wild

Improvements in security file scanners are causing malware authors to deviate from the traditional malware installation routine. It’s no longer enough for malware to rely on dropping copies of themselves to a location specified in the malware code and using persistence tactics like setting up an autostart feature to ensure that they continue to run. Se
Publish At:2015-04-20 16:50 | Read:7412 | Comments:0 | Tags:Malware fileless fileless malware Phasebot POWELIKS XswDownl
