DNS is a hierarchical decentralized naming system. There are multiple ways in which threat actors can leverage DNS to carry out attacks. We will provide an introduction to the DNS threat landscape.
Love-GPT is a tool that provides vast functionality over several different dating platforms, providing the capability to create fake accounts, interact with victims, anonymize the access, and more. It also uses ChatGPT to achieve its goals.
Large language models (LLMs) and generative AI are undergoing a significant increase in their abilities and global utilization. They are going to play a key role in the cyber threat landscape.
Avast discovered a distribution point that hosts a malware toolset but also serves as temporary storage for the gigabytes of data being exfiltrated on a daily basis, including documents, recordings, and webmail dumps including scans of passports from Asian, American and European citizens and...
Our threat hunters have been busy searching for abuse of the recently-released zero-day remote code execution bug in Microsoft Office (CVE-2022-30190). As part of their investigations, they found evidence of a threat actor hosting malicious payloads on what appears to be an Australian VOIP...
Avast Threat Intelligence Team has found a remote access tool (RAT) actively being used in the wild in the Philippines that uses what appears to be a compromised digital certificate belonging to the Philippine Navy.
Avast has found a targeted attack on a small US federal government commission. Despite the fact that they did not cooperate with us, we were able to analyze two files involved in this attack.
Based on Jiří Vinopal's published analysis and the weaknesses found in the AtomSilo and LockFile ransomware strains, we created a free Avast decryptor for both of them. Read and download.
New blog series on how threat actors abuse Cobalt Strike. This first part explains how to analyze, decode and parse Cobalt Strike payloads.
For several months now, we have been tracking malware called Guildma. Guildma is a powerful combination of a RAT (remote access tool), spyware, password stealer and banker malware, mainly distributed via malicious attachments in phishing email campaigns. The cybercriminals behind Guildma have...