Malware analysis – MCYSEKA-Maritime Cyber Security Knowledge Archive

SnakeKeylogger: A Multistage Info Stealer Malware Campaign

SnakeKeylogger – A Multistage Info Stealer Malware Campaign Info-stealer malware has become a growing threat, with attackers constantly refining their techniques to evade detection. Among these threats, SnakeKeylogger has emerged as one of the highly active credential-stealing malware, targeting individuals and businesses. Known for its multi-stage infection chain and stealthy in-memory execution, SnakeKeylogger is designed […]

The post SnakeKeylogger: A Multistage Info Stealer Malware Campaign appeared first on Blogs on Information Technology, Network & Cybersecurity | Seqrite.

March 25, 2025

0 comment

Fake CAPTCHA Lures Victims: Lumma Stealer Abuses Clipboard and PowerShell

Fake CAPTCHA Lures Victims: Lumma Stealer Abuses Clipboard and PowerShell Introduction: We recently identified a new malware campaign using fake CAPTCHA pages to deliver Lumma Stealer, an infostealer operating under the malware-as-a-service (MaaS) model, first discovered in 2022. In previous campaigns, including those in mid-2024, attackers used ClickFix a deceptive tactic involving phishing and fake […]

The post Fake CAPTCHA Lures Victims: Lumma Stealer Abuses Clipboard and PowerShell appeared first on Blogs on Information Technology, Network & Cybersecurity | Seqrite.

February 25, 2025

0 comment

XWorm: Analyzing New Infection Tactics With Old Payload

Introduction: Attackers are continuously developing different techniques to infect systems and steal sensitive information. A recent campaign a multi-stage infection chain that starts with a LNK file, which lures the victim into opening an invoice in a web browser. In the background, it performs a series of malicious activities that infect the system with a […]

The post XWorm: Analyzing New Infection Tactics With Old Payload appeared first on Blogs on Information Technology, Network & Cybersecurity | Seqrite.

December 4, 2024

0 comment

Microsoft announces wider availability of AI-powered Security Copilot

Microsoft Security Copilot has been made available to a larger number of enterprise customers, via an invitation-only Early Access Program. What is Microsoft Security Copilot? “Security Copilot is an AI assistant for security teams that builds on…

October 23, 2023

0 comment

Malware Persistence Locations: Windows and Linux

Malware persistence is a crucial aspect of cyber threats that often goes unnoticed by unsuspecting users. In the realm of cybersecurity, it refers to the ability of malicious software to establish a foothold on a targeted system, allowing it to maintain its presence over an extended period. This persistence is achieved through various covert techniques, […]

September 23, 2023

0 comment

Avred – Antivirus Red Teaming Unleashed

Antivirus REDucer for Antivirus REDteaming. Avred tries to provide as much context and information about each match as possible when identifying which portions of a file an antivirus has identified. Avred is a new tool that breaks down how antivirus programs work and shows exactly which parts of a file cause antivirus alerts. This tool […]

September 6, 2023

0 comment

PortEx : Java Library To Analyse Portable Executable Files With A Special Focus On Malware Analysis And PE Malformation Robustness

PortEx is a Java library to analyse Portable Executable files with a special focus on malware analysis and PE malformation robustness PortEx is a Java library for static malware analysis of Portable Executable files. Its focus is on PE malformation robustness, and anomaly detection. PortEx is written in Java and Scala, and targeted at Java […]

July 18, 2023

0 comment

Polymorphic Malware Using #AI

In the ever-evolving landscape of cybersecurity, malicious actors constantly seek new ways to infiltrate computer systems, wreak havoc, and exploit vulnerabilities. One of their most insidious tools is polymorphic malware, a shape-shifting threat that challenges traditional defense mechanisms and poses a formidable challenge to organizations and individuals alike. In this blog post I will investigate […]

May 25, 2023

0 comment

Rorschach ransomware deployed by misusing a security tool

An unbranded ransomware strain that recently hit a US-based company is being deployed by attackers who are misusing a tool included in a commercial security product, Check Point researchers have found. The solution in question is Palo Alto Networks&#82…

April 6, 2023

0 comment

Reversing Emotet Dropping Javascript

Recently (On March 18 2023 at 23:44), a new malspam campaign has been observed in the wild ( HERE ), which caused a significant amount of concern. This campaign is designed to distribute malicious emails, which contain a harmful payload that can infect a user’s system, steal sensitive information, or launch other types of attacks. […]

March 22, 2023

0 comment

1 2

M	T	W	T	F	S	S
	1	2	3	4	5	6
7	8	9	10	11	12	13
14	15	16	17	18	19	20
21	22	23	24	25	26	27
28	29	30	31