Malware Analysis

April 26, 2018

THREAT RESEARCH

GravityRAT – The Two-Year Evolution Of An APT Targeting India

1 min read

GravityRAT malware has implemented new features, such as file exfiltration, remote command execution capability and anti-vm techniques. Consistent evolution and innovation beyond standard remote code execution is concerning.

April 13, 2018

THREAT RESEARCH

Malware monitor – leveraging PyREBox for malware analysis

1 min read

This post was authored by Xabier Ugarte Pedrero In July 2017 we released PyREBox, a Python Scriptable Reverse Engineering Sandbox as an open source tool. This project is part...

April 2, 2018

THREAT RESEARCH

Fake AV Investigation Unearths KevDroid, New Android Malware

1 min read

Talos identified two variants of the Android Remote Administration Tool (RAT) with the capability to steal information on the compromised device (contacts, SMS and phone history) and record phone calls.

March 5, 2018

SECURITY

Don’t Let Malware Slip Through Your Fingers

9 min read

Detecting and stopping malware is a difficult problem to solve. As the methods of detection and prevention become more advanced so too do the techniques used by malware authors.

February 1, 2018

SECURITY

Secure by Design: Enhanced Interfaces Improve Email Security and Malware Analysis

3 min read

In the infosec world, it’s well established that time is a precious commodity. Time to detection and time to resolution are critical concepts that can mean the difference between a...

January 31, 2018

SECURITY

The new face of Threat Grid for 2018

3 min read

Threat Grid's engineering team is always working on improvements to our leading malware analysis and threat intelligence platform. In the latter part of 2017 and into early 2018, the team...

January 26, 2018

SECURITY

Demystifying the API (Using Threat Grid as an Example)

3 min read

Let's talk about API usage. An API is a means of interacting with a program via another program. Just like a UI is a User Interface, an API is an...

December 8, 2017

SECURITY

Black Hat Europe 2017: Malware Analysis in the SOC

8 min read

New Cisco Threat Grid dashboard yields faster malware analysis and response Black Hat Europe kicked off just after the X Factor series finale was recorded live at the London ExCel Center, briefly mixing the Network Operations Centre (NOC) and Security Operations Centre (SOC) staff with hordes of teenaged fans. A few team members confessed to […]

November 27, 2017

THREAT RESEARCH

ROKRAT Reloaded

1 min read

This post was authored by Warren Mercer, Paul Rascagneres and with contributions from Jungsoo An. Earlier this year, Talos published 2 articles concerning South Korean threats. The first one was about the use of a malicious HWP document which dropped downloaders used to retrieve malicious payloads on several compromised websites. One of the website was a compromised government website. We […]