May 26 · 35 min read · TL;DR. The malware sample uses the three-file set Avk.exe, Avk.dll, and AVKTray.dat, deployed from an MSI file downloaded by Browser_Updater.exe. The execution chain starts with DLL sideloading throug
Mar 12 · 5 min read · The Interlock ransomware group just crossed a line that cybersecurity experts have been dreading. They're using AI to generate custom malware variants, starting with something called Slopoly malware that's showing up in active attacks. This isn't som...
Mar 2 · 3 min read · The Threat: Microsoft Threat Intelligence has issued a warning about a campaign targeting gamers through fake versions of popular tools like Xeno and Roblox PlayerBeta. These trojanized executables are being distributed through browsers and chat platf...
Feb 19 · 3 min read · Today we’re investigating another LetsDefend alert: SOC164 – Suspicious Mshta Behavior. This alert focuses on detecting suspicious usage of a legitimate Windows binary often abused by attackers. 🔎 Alert Overview From the monitoring page, we are pro...
Feb 17 · 3 min read · Today we’re investigating another LetsDefend alert: SOC282 – Phishing Alert: Deceptive Mail Detected. This alert focuses on identifying whether a suspicious email is malicious and determining the appropriate response actions. 🔎 Alert Overview From ...