Minerva » Malware
This category is about Malware Evasion Techniques, Wiper Attacks, Virtual Patching, and much more. Minerva is the industry's pure ransomware prevention solution, working seamlessly alongside existing EDR/EPP/XDR solutions without causing any degradation to the endpoints. Existing EDRs are not enough. They are built to detect the malicious activity first, and only then respond. Ransomware..
1y ago
Since March of 2022 we’ve seen a gradual uptick in Adobe Acrobat Reader processes attempting to query which security product DLLs are loaded into it by acquiring a handle of the DLL. The significant rise over the recent months caught our attention as it is very unusual behavior for Adobe.
1y ago
Cyber threats are nothing new. I remember back in the late 80s my brother and I managed to infect our parents' x86 computer with a ping pong virus which simply placed an annoying ping pong ball on the screen which would tenaciously bounce around the screen and annoy the crap out of whoever is trying to work on the computer...
1y ago
SunCrypt is a RaaS (Ransomware as a Service) group that was first seen in October 2019, and was one of the first groups to apply triple extortion tactics to their attacks. Unlike other RaaS groups, SunCrypt runs a small and closed affiliate program. The first version of this ransomware was written in Go, but after C and C++ versions were released in mid-2020, the group became much more active. SunCrypt mostly affects the Services, Technology, and Retail industries. Our researchers recently identified an updated version of this ransomware which includes additional capabilities.
1y ago
This is the second of a series of blog posts covering some of the more common evasion techniques used by malware developers. Feel free to visit the first post, dealing with what is arguably the most widely used technique—sandbox evasion.
As mentioned in our previous post, modern malware doesn't break out and wreak havoc the moment it lands in your network. Instead, it usually employs a number of techniques in order to remain undetected by various security tools protecting the network.
This post discusses the "Living off the Land" technique...
1y ago
We’ve barely started March 2022, but according to LockBit’s 2.0 Onion website, they have already successfully targeted over 100 different organizations so far...
1y ago
As Russia began its initial offensive into Ukraine, another kind of attack unfolded inside Ukrainian networks. A destructive wave of wiper malware attacks began corrupting files in hundreds of computer systems, rendering the systems themselves unusable...
1y ago
Virtual patching is a highly effective technique for countering zero-day threats, i.e., stealthy cyber threats designed to exploit system and application vulnerabilities that software vendors have yet to release a patch for. In this post, we explain what virtual patching is, why it’s essential for effective threat prevention, and what virtual patching method works best in most scenarios...
1y ago
MyloBot was first detected in 2018 and was one of the most evasive Botnets at the time. According to various reports, it incorporated different techniques such as:
1y ago
At Minerva we are proud of our products and believe in their ability to put malware to bed. That’s why we were happy to hear that we scored high marks in a recently published research paper that compared the performance of 31 top endpoint security products. Let’s review the details of the study, how Minerva Armor performed, and offer some insights on the findings...
1y ago
We have often observed threat actors using legitimate software for dropping malicious files. This time, however, is different. This threat actor was able to leave most parts of the attack under the radar by separating the attack into several small files, most of which had very low detection rates by AV engines, with the final stage leading to Purple Fox rootkit infection.