ZetaNile: Open source software trojans from North Korea

ZetaNile: Open source software trojans from North Korea

| | Threat Research
ReversingLabs Malware Researcher Joseph Edwards takes a deep dive into ZetaNile, a set of open-source software trojans being used by Lazarus/ZINC ... Read More
ZetaNile: Open source software trojans from North Korea

ZetaNile: Open source software trojans from North Korea

| | Threat Research
ReversingLabs Malware Researcher Joseph Edwards takes a deep dive into ZetaNile, a set of open-source software trojans being used by Lazarus/ZINC ... Read More
GwisinLocker ransomware targets South Korean industrial and pharma firms

GwisinLocker ransomware targets South Korean industrial and pharma firms

| | Threat Research
Taking its name from “Gwisin,” a Korean term for “ghost” or “spirit,” GwisinLocker is a new ransomware family that targets South Korean industrial and pharmaceutical companies.  ... Read More
Threat analysis: Follina exploit fuels 'live-off-the-land' attacks

Threat analysis: Follina exploit fuels ‘live-off-the-land’ attacks

| | Threat Research
An analysis of three in-the-wild payloads delivered using the recently discovered Follina exploit shows how attackers can use it to achieve persistent access in victim environments and turbo-charge efforts to ‘live off the land’ and avoid detection by security monitoring tools.  ... Read More
Smash-and-grab: AstraLocker 2.0 pushes ransomware direct from Office docs

Smash-and-grab: AstraLocker 2.0 pushes ransomware direct from Office docs

ReversingLabs recently discovered instances of the AstraLocker 2.0 malware distributed directly from Microsoft Word files used in phishing attacks. Executive Summary ReversingLabs recently discovered of a new version of the AstraLocker ransomware (AstraLocker 2.0) that was being distributed directly from Microsoft Office files used as bait in phishing attacks. Our ... Read More

Application Security Check Up