RDP Abuse and Swiss Army Knife Tool Used to Pillage, Encrypt and Manipulate Data

RDP Abuse and Swiss Army Knife Tool Used to Pillage, Encrypt and Manipulate Data

Bitdefender researchers recently found threat actors abusing a legitimate feature in the RDP service to act as a fileless attack technique, dropping a multi-purpose off-the-shelf tool for device fingerprinting and for planting ...
Revisiting Glupteba: Still Relevant Five Years after Debut

Revisiting Glupteba: Still Relevant Five Years after Debut

In the fast-paced world of cybersecurity, malware normally gets a brief period in the spotlight before it falls into oblivion. This is not the case with Glupteba, a backdoor first spotted in ...
Multiple Vulnerabilities in Belkin WeMo Insight Switch

Multiple Vulnerabilities in Belkin WeMo Insight Switch

Internet of Things devices have become commonplace in modern homes. Relatively inexpensive and easy to control remotely, they promise a world at your fingertips. Security vulnerabilities in connected devices can not only ...
Ring Video Doorbell Pro Under the Scope

Ring Video Doorbell Pro Under the Scope

This article – part of a series developed in partnership with PCMag – aims to shed some light about the security of world’s best-sellers in the IoT space. PCMag contacted the research ...
Dozens of Apps Still Dodging Google’s Vetting System

Dozens of Apps Still Dodging Google’s Vetting System

Bitdefender researchers recently analyzed 25 apps that made it into Google Play, at least for a time, packing aggressive adware SDKs that bombarded users with ads and avoided removal by hiding their ...
A close look at Fallout Exploit Kit and Raccoon Stealer

A close look at Fallout Exploit Kit and Raccoon Stealer

Over the last few months, we have seen increased Exploit Kit activity. One example is the Fallout Exploit Kit, which we will describe in depth in this article. Since its emergence in ...
Who IsErIk: A Resurface of an Advanced Persistent Adware?

Who IsErIk: A Resurface of an Advanced Persistent Adware?

As the malware industry expands, new tricks added to the cyber-criminal arsenal show up on a daily basis. Our Advanced Threat Control team has identified a massive expansion of the malicious repertoire ...
Worm-Cryptominer Combo Lets You Game While Using NSA Exploits to Move Laterally

Worm-Cryptominer Combo Lets You Game While Using NSA Exploits to Move Laterally

Bitdefender researchers recently found and analyzed a worm-cryptominer combo that uses a series of exploits to move laterally and compromise victims. What makes it interest is that it pauses the resource-intensive cryptomining ...
Protecting against SWAPGS Attack via Hypervisor Introspection

Bypassing KPTI Using the Speculative Behavior of the SWAPGS Instruction

Bitdefender senior researchers Dan Horea Luțaș and Andrei Vlad Luțaș recently uncovered a new speculative-execution vulnerability and demonstrated how it can be exploited via a side-channel style attack, dubbed SWAPGS Attack. The ...
Astaroth Trojan Resurfaces, Targets Brazil through Fileless Campaign

Astaroth Trojan Resurfaces, Targets Brazil through Fileless Campaign

During routine detection monitoring from our Advanced Threat Control technology, Bitdefender researchers found an interesting spike in malware activity that involved using Microsoft binaries in the infection process, as well as GitHub ...