aavar

10 Mar

2021 Virtual

4 Feb

Hackers Widely Abusing Excel 4.0 Macro to Distribute Malware

Excel introduced the Excel 4.0 Macros (XLM) feature in 1992. Since then, this style has been commonly used to abuse Visual Basic for Applications (VBA). In 2020, it became popular amongst attackers because this macro type is challenging to detect; as a result, many cybersecurity providers struggle to defend against Excel 4 macro-based attacks. This allows attackers to explore deeper into XLM

2 Feb

US Colonial Pipeline attack timeline at AVAR2021

In the Colonial Pipeline ransomware attack, $5 million was paid, 100GB of data was stolen, and the pipeline and website presence were shut down. It was the largest cyberattack on an oil infrastructure target in the history of the United States. Our team started research on DarkSide from an early uprising of the ransomware-as-a-service operator and tracking all intelligence covered by the R&D center and partnered malware

31 Jan

Ransomware Double Extortion and Beyond: REvil, Clop, and Conti

The incorporation of double extortion is a turning point in the ongoing evolution of ransomware. Modern ransomware attacks follow the same modus operandi: encrypt the targeted organization's files and demand payment in exchange for access restoration. However, since there is no guarantee that cybercriminals will keep their word, some organizations opt not to pay the ransom, especially if they keep backup files anyway. But in late

24 Dec

FontOnLake: Previously unknown malware family targeting Linux

ESET researchers discovered a malware family with tools that show signs they’re used in targeted attacks. ESET researchers have discovered a previously unknown malware family that utilizes custom and well-designed modules, targeting operating systems running Linux. Modules used by this malware family, which we dubbed FontOnLake, are constantly under development and provide remote access to the operators, collect credentials, and
