Severity High Analysis Summary Kimsuky is a North Korean nation-state actor that has been active since 2012. It primarily targets South Korean government agencies and conducts […]

Severity High Analysis Summary Hive is one of the quickest evolving ransomware families which was first observed in June 2021 and likely operates as an affiliate-based […]

Severity High Analysis Summary IcedID, aka BokBot – a banking trojan – first appeared in 2017. The threat actor behind IcedID is Lunar Spider. The main […]

Severity High Analysis Summary DCRat – a Russian backdoor, was initially introduced in 2018, but rebuilt and relaunched a year later. The DCRat backdoor appears to […]

Severity Medium Analysis Summary The malware loader, Bumblebee, is used to download Cobalt Strike and perhaps other malware such as ransomware. It also replaces the BazarLoader […]

Severity High Analysis Summary The STOP/DJVU ransomware initially made headlines in 2018 and has since been attacking individuals all around the world. It’s widespread on torrent […]

Severity High Analysis Summary Remcos malware has been operating since 2016. This RAT was originally promoted as genuine software for remote control of Microsoft Windows from […]

Severity Medium Analysis Summary Malspam is being used to target victims in an Agent Tesla campaign. Since its initial appearance in 2014, this has been deployed […]

Severity High Analysis Summary Gamaredon is a Russia-backed advanced persistent threat (APT) that has been operating since at least 2013. The main goal of this APT […]