fileless

New Attack Abused Windows Error Reporting Service to Evade Detection
Security researchers came across a new attack that abused the Windows Error Reporting (WER) service in order to evade detection. Malwarebytes observed that the attack began with a .ZIP file containing “Compensation ...

Ransomware Goes Fileless, Uses Malicious Documents and PowerShell to Encrypt Files
In October 2019, we encountered a phishing campaign delivering a malicious Microsoft Word document that distributed ransomware with a twist. Unlike most ransomware families, such as GandCrab, WannaCry and RobinHood, the malware ...

Divergent Malware Using NodeJS, WinDivert in Fileless Attacks
Samples of a new malware family called “Divergent” are using both NodeJS and WinDivert in a series of fileless attack campaigns. Cisco Talos didn’t identify the exact delivery method for Divergent. Even ...

Astaroth-Dropper Trojan Hides in Plain Sight
Malware is getting harder to detect. So says an AV vendor, anyway. But here’s a fascinating case study ...

Congratulations, You’ve Won a Meterpreter Shell
Posted by Josh Stroschein, Ratnesh Pandey and Alex Holland. For an attack to succeed undetected, attackers need to limit the creation of file and network artifacts by their malware. In this post, ...

Why Fileless Malware Will Continue Its Rapid Expansion
Fileless malware has received a lot of attention lately, and with good reason. In the last year, fileless malware, also commonly referred to as a zero-footprint attack, has successfully infiltrated a number ...

Hancitor: fileless attack with a kernel trick
Evading detection when distributing payloads is a key part of an effective malware campaign. Hancitor shows that it has yet another trick up its sleeve for that.

Week in security (February 26 – March 4)
Last week in infosec, cryptomining kept chugging along, exploits were spotted in the wild, and a massive DDoS attack targeted GitHub.