dcsimg

Fileless malware: getting the lowdown on this insidious threat

Traditionally, malware attacks as we have always known them are files written to disk in one form or another that require execution in order to carry out their malicious scope. Fileless malware, on the other hand, is intended to be memory resident only, ideally leaving no trace after its execution. The malicious payload exists dynamically and purely in RAM, which means nothing is ever written … [Read more...]

SamSam ransomware: controlled distribution for an elusive malware

SamSam ransomware has been involved in some high profile attacks recently, and remains a somewhat elusive malware. In its time being active, SamSam has gone through a slight evolution, adding more features and alterations into the mix. These changes do not necessarily make the ransomware more dangerous, but they are added to make it just a bit more tricky to detect or track as it is constantly … [Read more...]

SamSam ransomware: what you need to know

SamSam ransomware is a custom infection used in targeted attacks, often deployed using a wide range of exploits or brute-force tactics. Based on our own run-ins with the infection, we’ve observed that attacks were made on targets via vulnerable JBoss host servers during a previous wave of SamSam attacks in 2016 and 2017. In 2018, SamSam uses either vulnerabilities in remote desktop protocols … [Read more...]