Browsing tag

Fileless

Thousands of Windows PCs infected by Nodersok/Divergent fileless malware

Divergent or Nodersok? A new fileless malware emerges in the wild. The payload, termed “Divergent” by Cisco Talos researchers and “Nodersok” by Microsoft, utilizes Node.exe – an implementation by Microsoft of NodeJS – along with a legitimate program named WinDivert – a packet capture tool – to make up the malware. According to Microsoft, thousands […]

Fileless WannaMine Cryptojacking Malware Using NSA Exploit

Forget WannaCry and welcome WannaMine, a fileless cryptojacking malware using a leaked NSA exploit called EternalBlue. We cannot ignore the fact that cryptocurrencies are much in demand and the monetary worth of digital currencies like Bitcoin, Ethereum, Litecoin, and Monero has soared tremendously, thereby increasing the purchasing power and liquidity of cryptocurrency wallets. In such a time, cybercriminals […]

Process Doppelgänging attack affects all Windows versions & evades AV products

Researchers at endpoint security firm enSilo have identified a new attack that affects all Windows versions and allows attackers to use Microsoft Windows features to evade detection by prominent anti-virus products and infect a targeted device with malicious programs including malware. Dubbed ‘Process Doppelgänging’ by Tal Liberman and Eugene Kogan of enSilo, the attack was demonstrated during Black Hat […]