Hot Topics

Malware Analysis

DarkGate Malware Campaign Exploits Patched Microsoft Flaw

| | Advanced persistent threat (APT), Cyber Attack Mitigation, Cybersecurity News, cybersecurity threats, DarkGate Malware, DLL Sideloading, Exploit Techniques, Malicious Software Installers, Malware Analysis, Microsoft Flaw, patch management, Phishing Campaigns, Trend Micro, Water Hydra, Zero Day Initiative (ZDI)
The Zero Day Initiative (ZDI) by Trend Micro uncovered a phishing campaign that exploited a patched Microsoft flaw to infect devices with DarkGate malware. CVE-2024-21412 was the Microsoft patch that was exploited ...
TuxCare
npm packages caught exfiltrating Kubernetes config, SSH keys

npm packages caught exfiltrating Kubernetes config, SSH keys

| | DevZone, Malware Analysis, npm
The Sonatype Security Research team is currently tracking an ongoing campaign on the npm registry that uses npm packages to retrieve and exfiltrate your Kubernetes configuration and SSH keys to an external ...
Sonatype Blog
New npm PoC packages target PayPal Zettle, Airbnb developers

New npm PoC packages target PayPal Zettle, Airbnb developers

| | dependency confusion, DevZone, Malware Analysis, npm
Sonatype has identified several npm packages that are named after internal dependencies purportedly used by PayPal Zettle and Airbnb developers ...
Sonatype Blog
Malicious PyPI package ‘VMConnect’ imitates VMware vSphere connector module

Malicious PyPI package ‘VMConnect’ imitates VMware vSphere connector module

| | DevZone, Malware Analysis, open source, PyPI
This month, we analyzed a malicious PyPI package called ‘VMConnect,’ which has been designed to strongly resemble the legitimate VMware vSphere connector module, ‘vConnector’, except it hides sinister code within ...
Sonatype Blog
“Quoi...? feur” from meme to malware – PyPI package targets Windows with ‘NullRAT’ info-stealer

“Quoi…? feur” from meme to malware – PyPI package targets Windows with ‘NullRAT’ info-stealer

| | DevZone, Malware Analysis, PyPI, Sonatype Repository Firewall
We’ve got a rather interesting malicious finding this month to talk about, the one that mixes a meme with malware ...
Sonatype Blog
Protecting Software Developers from Malware with AI/ML Insights

Protecting Software Developers from Malware with AI/ML Insights

| | FEATURED, Malware Analysis, News and Views, Post security/devsecops, Sonatype Repository Firewall
In my last post I talked about solutions to address malware and the increase in attacks. Today I’ll dig into what’s necessary to find and avoid malware ...
Sonatype Blog
[New Live Series] Dev Chat with Dan Conn: Beware of Malware

[New Live Series] Dev Chat with Dan Conn: Beware of Malware

| | DevZone, Malware Analysis, malware prevention, News and Views, Sonatype Live Series
  ...
Sonatype Blog
Attacker floods PyPI with 450+ malicious packages that drop Windows trojan via Dropbox

Attacker floods PyPI with 450+ malicious packages that drop Windows trojan via Dropbox

| | FEATURED, Malware Analysis, PyPI, Vulnerabilities
Sonatype has been tracking an open source malware campaign developing over the weekend in which a threat actor is infiltrating the PyPI software registry with hundreds of malicious packages. These packages are ...
Sonatype Blog
Intro to Malware Analysis: Analyzing Python Malware

Intro to Malware Analysis: Analyzing Python Malware

| | DevZone, Malware Analysis, Nexus Firewall, Nexus Vulnerability Scanner, python
  ...
Sonatype Blog
How to Peel a PowerShell Onion: A Bloodhound Case Study

How to Peel a PowerShell Onion: A Bloodhound Case Study

| | Cybersecurity, GRIT, Incident Response & Threat Intelligence, Malware Analysis, powershell, Technical
Published May 2, 2022 Introduction Recently the GuidePoint Security DFIR team was called in to conduct an investigation for a […] ...
The Guiding Point | GuidePoint Security
Load more