The Unseen Layers: Exploring the Tactics of Mult ...
November 27, 2023

Overview: Recently, the SonicWall Capture Labs Threat Research team has identified a new .NET Packer that is currently being widely used by various stealers such as Lokibot …

SysAid Path Traversal Vulnerability
November 21, 2023

Overview: The SonicWall Capture Labs Threat Research Team became aware of the SysAid path traversal vulnerability, assessed its impact and developed mitigation measures for the vul …

Malicious LNK Files Use PowerShell to Deliver Pa ...
November 18, 2023

Overview: This week, the SonicWall Capture Labs Research team has observed an increase in shortcut-based (LNK) malware. These seemingly legitimate LNK files execute PowerShell …

AgentTesla Updates Its Infection Chain
November 9, 2023

The SonicWall Capture Labs Threat Research team has observed the AgentTesla infostealer being deployed using image (.jpg) files for the last few months. We have observed multiple ZIP f …

Payola ransomware operator demands remote access ...
November 3, 2023

The SonicWall threat research team has recently been tracking a new ransomware family called Payola. This family of ransomware appeared in late August 2023. It is written in …

Sunhillo SureLine Command Injection Vulnerabilit ...
November 3, 2023

Sunhillo SureLine versions before 8.7.0.1.1 contain an unauthenticated OS command injection vulnerability through the ipAddr or dnsAddr parameters within the networkDiag.cgi s …

Mystic Stealer Uses Trickery To Steal Data
October 16, 2023

This week, the SonicWall Capture Labs Research Team looked at a sample of Mystic Stealer. This is an infostealer that first appeared earlier in 2023. It has a variety of defen …

A look at the latest Snatch Ransomware
September 22, 2023

This week, the SonicWall Capture Labs Research team analyzed the latest Snatch ransomware. Snatch operates as a ransomware-as-a-service (RaaS), a business model where the malw …

RZML ransomware exfiltrates files, cookies and c ...
September 8, 2023

The SonicWall Capture Labs threat research team has been tracking a recent family of ransomware called RZML. This ransomware appeared in the wild over the last 7 days and ap …

RunpeX Abuses Legitimate AntiMalware Driver
August 11, 2023

Bring Your Own Vulnerable Driver (BYOVD)

A new variant from Chaos Ransomware family surfa ...
August 1, 2023

The SonicWall Capture Labs Research team has received a sample of a new variant from the Chaos ransomware family, which is a customizable ransomware builder that emerged in undergr …

Agent Tesla RAT Disguised As NSIS Installer
July 5, 2023

The SonicWall Capture Labs Research team recently observed Agent Tesla malware being loaded using Native Loader. Agent Tesla is an advanced Remote Access Trojan (RAT …
