Security Affairs

MARCH 1, 2021

” reads the analysis published by researchers Gabor Szappanos and Andrew Brandt from Sophos. In its latest attempts to evade detection by endpoint security tools, Gootloader has moved as much of its infection infrastructure to a “fileless” methodology as possible.” ” continues the analysis. “This.js

Search queries 114

Search queries CMS Ransomware File names 114

Security Affairs

APRIL 2, 2019

Security experts at Zscaler discovered that threat actors are using hidden “well-known” directories of HTTPS sites to store and deliver malicious payloads. of the popular CMS that are affected by a cross-site request forgery (CSRF) flaw that resides in the comment section of WordPress that is enabled by defaul t. “The hidden /.well-known/

CMS 109

CMS Phishing Ransomware File names 109

Security Affairs

DECEMBER 17, 2019

And our analysis shows that this is a fully functional, covert and RAT program targeting both Windows and Linux platforms, and the samples share some key characters being used by Lazarus Group.” ” reads the analysis published by Qihoo 360 Netlab. com /cms/ wp -content/uploads/2015/12/. ” continues the analysis.

CMS 77

CMS File names Encryption Access 77

Security Affairs

FEBRUARY 19, 2019

Since the beginning of the year, security firms observed a new intense ransomware campaign spreading the Shade ransomware. Between January and February, a new, intense, ransomware campaign has been observed by many security firms. Technical analysis. Shade encrypts all the user files using an AES encryption scheme.

Ransomware 76

Ransomware Mining File names Encryption 76