The Unseen Layers: Exploring the Tactics of Mult ...
November 27, 2023
OVERVIEW Recently, the SonicWall Capture Labs Threat Research team has identified a new .NET Packer that is currently being widely used by various stealers such as Lokibot …

SysAid Path Traversal Vulnerability
November 21, 2023
Overview SonicWall Capture Labs Threat Research Team became aware of the SysAid path traversal vulnerability, assessed its impact and developed mitigation measures for the vul …

Malicious LNK Files Use PowerShell to Deliver Pa ...
November 18, 2023
Overview This week, the SonicWall Capture Labs Research team has observed an increase in shortcut-based (LNK) malware. These seemingly legitimate LNK files execute PowerShell …

AgentTesla Updates Its Infection Chain
November 9, 2023
The SonicWall Capture Labs Threat Research team has observed the AgentTesla infostealer being deployed using image (.jpg) files for the last few months. We have observed multiple ZIP f …

Payola ransomware operator demands remote access ...
November 3, 2023
The SonicWall threat research team has recently been tracking a new ransomware family called Payola. This family of ransomware appeared in late August 2023. It is written in …

Sunhillo SureLine Command Injection Vulnerabilit ...
November 3, 2023
Sunhillo SureLine versions before 8.7.0.1.1 contain an unauthenticated OS command injection vulnerability through the ipAddr or dnsAddr parameters within the networkDiag.cgi s …

Mystic Stealer Uses Trickery To Steal Data
October 16, 2023
This week, the SonicWall Capture Labs Research Team looked at a sample of Mystic Stealer. This is an infostealer that first appeared earlier in 2023. It has a variety of defen …

A look at the latest Snatch Ransomware
September 22, 2023
This week, the SonicWall Capture Labs Research team analyzed the latest Snatch ransomware. Snatch operates as a ransomware-as-a-service (RaaS), a business model where the malw …

RZML ransomware exfiltrates files, cookies and c ...
September 8, 2023
The SonicWall Capture Labs threats research team has been tracking a recent family of ransomware called RZML. This ransomware appeared in the wild over the last 7 days and ap …

RunpeX Abuses Legitimate AntiMalware Driver
August 11, 2023
Bring Your Own Vulnerable Driver (BYOVD)

A new variant from Chaos Ransomware family surfa ...
August 1, 2023
The SonicWall Capture Labs Research team has received a sample of a new variant from the Chaos Ransomware family, which is a customizable ransomware builder that emerged in undergr …

Agent Tesla RAT Disguised As NSIS Installer
July 5, 2023
The SonicWall Capture Labs Research team recently observed Agent Tesla malware that is being loaded using Native Loader. Agent Tesla is an advanced Remote Access Trojan (RAT …