OVERVIEW Recently, the SonicWall Capture Labs Threat Research team has identified a new .NET Packer that is currently being widely used by the various stealers such as Lokibot …

Overview SonicWall Capture Labs Threat Research Team became aware of the SysAid path traversal vulnerability, assessed its impact and developed mitigation measures for the vul …

Overview This week, the Sonicwall Capture Labs Research team has observed an increase in shortcut-based (LNK) malware. These seemingly legitimate LNK files execute PowerShell …

The SonicWall Capture Labs Threat Research team has observed AgentTesla infostealer being deployed using image(.jpg) files for last few months. We have observed multiple ZIP f …

The Sonicwall threat research team have recently been tracking a new ransomware family called Payola. This family of ransomware appeared in late August 2023. It is written in …

Sunhillo SureLine versions before 8.7.0.1.1 contain an unauthenticated OS command injection vulnerability through the ipAddr or dnsAddr parameters within the networkDiag.cgi s …

This week, the SonicWall Capture Labs Research Team looked at a sample of Mystic Stealer. This is an infostealer that first appeared earlier in 2023. It has a variety of defen …

This week, the Sonicwall Capture Labs Research team analyzed the latest Snatch ransomware. Snatch operates as a ransomware-as-a-service (RaaS), a business model where the malw …

The SonicWall Capture Labs threats research team has been tracking a recent family of ransomware called RZML.  This ransomware appeared in the wild over the last 7 days and ap …

Bring Your Own Vulnerable Driver (BYOVD)

The SonicWall Capture Labs Research team has received a sample of a new variant from Chaos Ransomware family which is a customizable ransomware builder that emerged in undergr …

SonicWall Capture Labs Research team recently observed an Agent Tesla malware that is being loaded by using Native Loader. Agent Tesla is an advanced Remote Access Trojan (RAT …