rachelkesavan | MuddyWater Back with DarkBit | Recently, we came across a tweet about DarkBit ransomware. An Iranian APT group, named MuddyWater, is reportedly behind the DarkBit… | May 24, 2023
rachelkesavan | Mustang Panda — PE Injection through Opera Mail | We came across a tweet where Mustang Panda APT abuses an Opera Mail binary to sideload a malicious DLL and then inject malicious code into… | May 24, 2023
rachelkesavan | SpyNote targets IRCTC users | We at K7 Labs recently came across an email message, as shown in Figure 1, from Indian Railway Catering and Tourism Corporation (IRCTC)… | May 23, 2023
rachelkesavan | AMOS (MacOS Stealer) | In the last week of April 2023, it was reported on Twitter that, through a Telegram channel, a new malware was being offered as “Atomic… | May 23, 2023
rachelkesavan | Three Reasons Why K7’s Latest Threat Report Is Essential Reading | With the advancements in technology and increased interconnectivity, the risks of cyber threats are rising. The K7 quarterly threat report… | May 23, 2023
rachelkesavan | DuckTail Malware Targets Facebook Business Accounts | Ducktail is an info-stealer malware with its primary focus on stealing data related to Facebook. This group primarily relies on social… | May 23, 2023
rachelkesavan | All You Need To Know About Brute Forcing | This blog is a comprehensive guide to brute forcing attacks and how to protect your data from threat actors. | May 23, 2023
rachelkesavan | The Ultimate Guide To Protecting Yourself From Latest WhatsApp Attacks | With over two billion daily active users, WhatsApp has become the beehive of phishing attacks in the past few years. The key reason behind… | May 23, 2023
rachelkesavan | CVE-2023-21716: A new Office Exploit | In Feb-2023, Microsoft (MS) patched a vulnerability in Microsoft Word which, if successfully exploited, could allow an attacker to execute… | Apr 25, 2023
rachelkesavan | GoatRAT Attacks Automated Payment Systems | Recently, we came across a detection in our telemetry report named “com.goatmw” which gained our attention. We decided to investigate… | Apr 25, 2023