Thread Defense

Asnarök attackers twice modified attack midstream

In the hours after Sophos issued hotfixes that secured firewalls targeted by unknown threat actors, the attackers pivoted to a new phase of the attack, adding new components—including files intended to spread ransomware to unpatched Windows machines inside the network. Unfortunately for the threat actors, the hotfixes also prevented the subsequent attempted attacks. Since we […]

Chrome 83 arrives with enhanced security and privacy controls

New features include DNS over HTTPS, a Safety Check section and simpler cookie management Google has launched the hotly anticipated version 83 of its Chrome browser that comes complete with a raft of features originally planned for version 82, which was scrapped due to the COVID-19 pandemic. Most of all, the new release brings new […]

Ragnar Locker ransomware deploys virtual machine to dodge security

A new ransomware attack method takes defense evasion to a new level—deploying as a full virtual machine on each targeted device to hide the ransomware from view. In a recently detected attack, Ragnar Locker ransomware was deployed inside an Oracle VirtualBox Windows XP virtual machine. The attack payload was a 122 MB installer with a 282 […]

No “Game over” for the Winnti Group

The notorious APT group continues to play the video game industry with yet another backdoor In February 2020, we discovered a new, modular backdoor, which we named PipeMon. Persisting as a Print Processor, it was used by the Winnti Group against several video gaming companies that are based in South Korea and Taiwan and develop […]

These things may be cool, but are they safe?

In the rush to embrace IoT devices, we shouldn’t trade in our privacy and security for the added convenience Ours is an interconnected world. We have smart doorbells, so we can check on our smartphones who rang, smartwatches to track our children’s’ locations, and fitness trackers to see how we are doing with our physical […]

Bluetooth flaw exposes countless devices to BIAS attacks

As many as 30 smartphones, laptops and other devices were tested – and all were found to be vulnerable A team of researchers has unveiled a new vulnerability in the Bluetooth wireless communication protocol that exposes a wide range of devices, such as smartphones, laptops, and smart-home devices, to the so-called Bluetooth Impersonation AttackS (BIAS). […]