Snake Keylogger abusing Protocol Buffers seen in ...
March 22, 2023
The Snake keylogger final payload is wrapped in multiple layers of protection to prevent its detection and analysis.

SonicWall provides protection against exploits t ...
March 15, 2023
What is CVE-2023-23397? CVE-2023-23397 is a Microsoft Outlook Elevation of Privilege Vulnerability. This allows for an NTLM relay attack against another service to authenticate …

Microsoft Security Bulletin Coverage for March 2 ...
March 14, 2023
SonicWall Capture Labs threat research team has analyzed and addressed Microsoft's security advisories for the month of March 2023.

New variant of the shellcode malware GuLoader sp ...
March 14, 2023
For the last few weeks, SonicWall RTDMI has been detecting a surge of VBScript files that download and execute GuLoader shellcode on the victim's machine.

phpIPAM SQL Injection Vulnerability
March 10, 2023
Overview: SonicWall Capture Labs Threat Research Team has observed the following threat: phpIPAM is a free and open-source web-based IP address managem …

Android malware steals your Google Authenticator ...
March 8, 2023
The SonicWall Capture Labs Threat Research team came across a malware campaign that steals device information, card information, and Google Authenticator codes on Android devic …

OneNote files are being used to deliver fileless ...
March 7, 2023
The malicious OneNote file detected by SonicWall RTDMI is not detected by any security providers available on popular threat intelligence sharing portals like VirusTotal and the …

A multifunction trojan targeting Linux hosts has ...
March 3, 2023
This week, the SonicWall Capture Labs Research team analyzed a Trojan downloader targeting Linux environments. This Trojan has been around since 2019, but has not been active …

Froxlor 2.0.6 RCE Vulnerability
March 3, 2023
Overview: SonicWall Capture Labs Threat Research Team has observed the following threat: Froxlor is a web-based server management panel that allows use …

Cacti Command Injection Vulnerability
February 24, 2023
A command injection vulnerability allows an unauthenticated user to execute arbitrary code on a server running Cacti, if a specific data source was selected for any monitored …

Vohuk Ransomware uses Cipher.exe making files re ...
February 21, 2023
Vohuk Ransomware uses the genuine Windows tool Cipher.exe to overwrite deleted files, which makes recovery of the files impossible.

Microsoft Security Bulletin Coverage for Februar ...
February 14, 2023
SonicWall Capture Labs threat research team has analyzed and addressed Microsoft's security advisories for the month of February 2023.