EDR evasion

WantToCry Ransomware Leverages Exposed SMB for Remote Encryption Loops

• Malware

WantToCry Ransomware Leverages Exposed SMB for Remote Encryption Loops

Do Son May 23, 2026 0

A newly analyzed ransomware campaign is turning traditional endpoint defense playbooks upside down by executing its entire...

Read More Read more about WantToCry Ransomware Leverages Exposed SMB for Remote Encryption Loops

KongTuke Abandoning “ClickFix” to Launch Direct Microsoft Teams Attacks

• Cybercriminals

KongTuke Abandoning “ClickFix” to Launch Direct Microsoft Teams Attacks

Do Son May 21, 2026 0

Corporate collaboration platforms have officially moved to the top of the initial access broker playbook. A new...

Read More Read more about KongTuke Abandoning “ClickFix” to Launch Direct Microsoft Teams Attacks

EDR-Freeze: How a Researcher Turned Windows Error Reporting Into a Weapon Against Antivirus

• Open Source Tool

EDR-Freeze: How a Researcher Turned Windows Error Reporting Into a Weapon Against Antivirus

Do Son September 22, 2025 0

A new study from a ZeroSalarium security researcher sheds light on a new technique to bypass endpoint...

Read More Read more about EDR-Freeze: How a Researcher Turned Windows Error Reporting Into a Weapon Against Antivirus

GOLD SALEM: A New Ransomware Group Is Exploiting SharePoint Flaws

• Malware

GOLD SALEM: A New Ransomware Group Is Exploiting SharePoint Flaws

Do Son September 22, 2025 0

Researchers from the Sophos Counter Threat Unit (CTU) have published new intelligence on a rising ransomware group...

Read More Read more about GOLD SALEM: A New Ransomware Group Is Exploiting SharePoint Flaws

Matanbuchus 3.0 Levels Up: New Stealthy Malware Loader Exploits Microsoft Teams

• Malware

Matanbuchus 3.0 Levels Up: New Stealthy Malware Loader Exploits Microsoft Teams

Do Son July 21, 2025 0

Matanbuchus, a well-known malware loader sold as Malware-as-a-Service (MaaS), has just leveled up. In its latest evolution—Matanbuchus...

Read More Read more about Matanbuchus 3.0 Levels Up: New Stealthy Malware Loader Exploits Microsoft Teams

Waiting Thread Hijacking: A Stealthier Code Injection Technique

• Malware
• Open Source Tool

Waiting Thread Hijacking: A Stealthier Code Injection Technique

Do Son April 16, 2025 0

Process injection is a technique frequently employed by attackers, with its variations appearing in numerous malware. This...

Read More Read more about Waiting Thread Hijacking: A Stealthier Code Injection Technique

EDRsandblast Exploited: How Attackers are Weaponizing Open-Source Code

• Cyber Security
• Malware

EDRsandblast Exploited: How Attackers are Weaponizing Open-Source Code

Do Son November 3, 2024 0

Unit 42 researchers recently uncovered the toolkit of an extortionist during an investigation where a threat actor...

Read More Read more about EDRsandblast Exploited: How Attackers are Weaponizing Open-Source Code

China-Linked GhostEmperor Resurfaces: Enhanced Demodex Rootkit Targets Southeast Asia

• Cyber Security
• Malware

China-Linked GhostEmperor Resurfaces: Enhanced Demodex Rootkit Targets Southeast Asia

Do Son July 18, 2024 0

The notorious threat group GhostEmperor has resurfaced with an updated version of its sophisticated Demodex rootkit, according...

Read More Read more about China-Linked GhostEmperor Resurfaces: Enhanced Demodex Rootkit Targets Southeast Asia