Blog | ReversingLabs | Threat Research (10)

Threat Research (10)

May 28, 2020

Spying on SpyNet

Using static analysis, it is possible to find out what the evolution of SpyNet looked like, how different versions can be found without even looking at the code, and how to find its authors so their future activities can be monitored.

April 16, 2020

Mining for malicious Ruby gems

Typosquatting barrage on RubyGems software repository users

April 2, 2020

Hawkish applications lurking in your MacOS environment

Catching the Proton Backdoor in your Video

March 25, 2020

Unpacking the Kwampirs RAT

Exposing Attack Campaigns, Hunting Threats and Delivering Actionable Threat Intelligence

March 23, 2020

Exposing Ryuk Variants Using YARA

Getting Ahead of Ryuk attacks using YARA Rules - Continued

March 6, 2020

Sneaky Tools Infiltrating Your Mac Fortress

Potentially Unwanted Apps Masquerade as Well Behaved Applications

February 14, 2020

Reminiscence of the Flashback

The Flashback malware family is among the first widespread malware on MacOS. IAt first it went undetected for a couple of months, but then got a lot of attention in the spring of 2012 because it infected over 500,000 computers.

February 7, 2020

Is Your macOS Safe from Attack - What 2019 has Shown Us

ReversingLabs constantly tracks emerging macOS threats as well as the old, persistent ones. Mac malware developers are actively becoming more clever, attempting to make it harder to detect the malicious nature of their software.

January 31, 2020

RATs in the Library

Public hosting sites present a challenge for defenders when exploited by adversaries to conceal payloads using various encoding techniques

December 23, 2019

When Malware RATs on their Owners

The ReversingLabs Titanium Platform supports configuration extraction from over 40 different RATs/Backdoors, Keyloggers, Downloaders, Ransomware and POS malware.

December 17, 2019

The Hunt for NTCrypt: Exposing a Malicious Packer

ReversingLabs TitaniumCore is a static analysis engine with inspection capabilities that must overcome these obfuscation attempts. To improve visibility in our products, we continuously improve unpacking by supporting new packer formats.

December 13, 2019

Going Behind the Scenes of Cybercrime Group FIN6’s Attack On Retail and Hospitality

A step that an adversary takes during the post exploitation phase of an attack is to establish a command line interface with a computer inside the victim’s network. One recent incident demonstrates the entire intrusion set operated by FIN6, a financially motivated threat actor group.

Software Supply Chain Security

File Security

Security Operations

Products

Technology

Industry

Partners

Alliances

Resources

Company

Events

Press

Threat Research (10)

Spying on SpyNet

Mining for malicious Ruby gems

Hawkish applications lurking in your MacOS environment

Unpacking the Kwampirs RAT

Exposing Ryuk Variants Using YARA

Sneaky Tools Infiltrating Your Mac Fortress

Reminiscence of the Flashback

Is Your macOS Safe from Attack - What 2019 has Shown Us

RATs in the Library

When Malware RATs on their Owners

The Hunt for NTCrypt: Exposing a Malicious Packer

Going Behind the Scenes of Cybercrime Group FIN6’s Attack On Retail and Hospitality

Topics

Special Reports

The 2025 Software Supply Chain Security Report

Upcoming Webinars

ConversingLabs

Threat Research (10)

Topics

Follow us

Subscribe

Special Reports