Drawing on insights from 582 full-spectrum DFIR investigations, Mjolnir Security reveals the uncharted forensic landscape of Windows 11. This intelligence briefing moves beyond legacy artifacts to expose the critical evidence sources modern adversaries leverage, including the Windows Subsystem for Android (WSA), covert channels in Microsoft Teams, and the persistent ledger [...]
Introduction The cyber threat landscape is constantly evolving, and ransomware groups like Cl0p are consistently finding new ways to exploit vulnerabilities in the digital world. Recently, the Cl0p ransomware group targeted GoAnywhere, a popular Managed File Transfer (MFT) solution, exploiting a zero-day vulnerability. In this blog post, we will discuss ...
Introduction Emotet, a notorious banking Trojan, has been wreaking havoc in the cybersecurity world for years. With its sophisticated and ever-evolving techniques, this malware has become a significant threat to individuals and organizations alike. In this blog post, we’ll discuss how Emotet is now utilizing Microsoft OneNote to spread its ...
Qakbot Malware Attacks Resurrected By Black Basta Hacker Collective Qakbot Malware Utilized as a Means of Cyber Extortion in Canada Qakbot malware and ransomware attacks have soared across the globe as a new hacker group known as “Black Basta” has targeted a number of Canadian corporations. Qakbot ransomware sometimes referred ...
On January 27, 2021, news broke from Europol that a collaborative effort had effectively taken down and disrupted one of the most significant botnets in the past decade – Emotet. This global action and collaborative initiative incorporated authorities in the Netherlands, Germany, the United States, the United Kingdom, France, Lithuania, ...
Zeus, ZeuS, or Zbot is a Trojan horse malware package that runs on various versions of Microsoft Windows. While it can be used to carry out many malicious and criminal tasks, it is often used to steal banking information by man-in-the-browser keystroke logging and form grabbing. In a blog post ...
This is a live tracker depicting Emotet and Trickbot beaconing as we track it in real time using our sensors around the world. Your browser does not support iframes.
Security researchers at Avast have discovered a new malware strain that uses comes with a quite rich set of features for exfiltration of (sensitive) information, modular architecture capable of fetching and executing other commands and executables and all of it via multiple layers of encrypted communication named Torii. We have already ...
Backdoor.Joanap is a malicious program which is developed by cyber criminals to gain illegal income. It uses several stealthy ways to get inside the targeted computer and after successful invasion it carry out several malicious activities. According to a research this malware hides its executable in INI and CNF files ...
A new malware known as VPNFilter capable of targeting a range of routers and NAS devices rendering infected devices unusable and also capable of maintaining a persistent presence on an infected device, even after a reboot. VPNFilter has a range of capabilities including spying on traffic being routed through the ...
Drawing on insights from 582 full-spectrum DFIR investigations, Mjolnir Security reveals the uncharted forensic landscape of Windows 11. This intelligence briefing moves beyond legacy artifacts to expose the critical evidence sources modern adversaries leverage, including the Windows Subsystem for Android (WSA), covert channels in Microsoft Teams, and the persistent ledger [...]
