<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=116645602292181&amp;ev=PageView&amp;noscript=1">

Insights Resources

Research

Pervasive Brazilian financial malware targets bank customers in Latin America and Europe

Cybereason’s Nocturnus team mapped out the multi-stage malware distribution infrastructure behind Brazilian financial malware and found that Brazilian-made malware have become pervasive and target over 60 banks in nearly a dozen countries throughout Latin America, Spain and Portugal.

Read More
Research

Cybereason’s Nocturnus team mapped out the multi-stage malware dist...

Read More
Research

WANNAMINE CRYPTOMINER THAT USES ETERNALBLUE STILL ACTIVE

The Wannamine cryptominer, which uses the EternalBlue exploits, is still active although a patch that fixes these well-known vulnerabilities was released last March. Amit Serper, Cybereason's head of security research, examines this variant and makes the case for patching your systems.

Read More
Research

The Wannamine cryptominer, which uses the EternalBlue exploits, is ...

Read More
Research

ATTACKERS INCRIMINATE A SIGNED ORACLE PROCESS FOR DLL HIJACKING, RUNNING MIMIKATZ

With application whitelisting being integrated into an OS’s security stack, attackers need more creative ways to use their tools without getting detected. In this incident observed by Cybereason, DLL hijacking was used to run Mimikatz using a process that was signed and verified by Oracle.

Read More
Research

With application whitelisting being integrated into an OS’s securit...

Read More
Research

NIGHT OF THE DEVIL: RANSOMWARE OR WIPER? A LOOK INTO TARGETED ATTACKS IN JAPAN USING MBR-ONI

For several months Cybereason has been following the concerning rise of ONI, a family of ransomware involved in targeted attacks against Japanese companies. We suspect that the ONI ransomware was used as a wiper to cover up an elaborate hacking operation.

Read More
Research

For several months Cybereason has been following the concerning ris...

Read More
Research

LEVERAGING EXCEL DDE FOR LATERAL MOVEMENT VIA DCOM

DDE, or Dynamic Data Exchange, is a legacy interprocess communication mechanism that’s been part of some Windows applications since as early as 1987. DDE enables applications to request items made available by other programs, such as cells in a Microsoft Excel spreadsheet, and be notified of any changes within these items.

Read More
Research

DDE, or Dynamic Data Exchange, is a legacy interprocess communicati...

Read More