Lastline Labs Blog

IQY files and Paradise Ransomware

Posted by James Haughom ON Mar 10, 2020

IQY files, perhaps one of the less known of the weaponizable Microsoft Office file formats, provide attackers with a simple...

Nemty Ransomware Scaling UP: APAC Mailboxes Swarmed by Dual Downloaders

Posted by Jason Zhang and Stefano Ortolani ON Feb 18, 2020

Nemty is a ransomware that first surfaced in the wild in August 2019, reportedly spreading via RDP with a specific...

Threat Research Report: Infostealers and self-compiling droppers set loose by an unusual spam campaign

Posted by Quentin Fois, Jason Zhang and Stefano Ortolani ON Jan 30, 2020

Thanks to massive botnets, attackers can generate large-scale spam campaigns on-demand and immediately use them to spread malware. While digging...

HELO Winnti: Attack or Scan?

Posted by Jason Zhang and Stefano Ortolani ON Sep 30, 2019

Since its first attack was discovered nearly a decade ago, Winnti has evolved into an advanced and sophisticated toolkit leveraged...

LockerGoga: When Ransomware Strikes Back

Posted by Andreas Pafitis ON Apr 24, 2019

Ransomware attacks have made the headlines multiple times in the course of recent years. LockerGoga is yet another example. The...

Reporting from Security Analyst Summit 2019

Posted by Quentin Fois and Stefano Ortolani ON Apr 18, 2019

By Quentin Fois and Stefano Ortolani We are just back from Singapore, where we attended the Security Analyst Summit organized by...

Threat Actor “Cold River”: Network Traffic Analysis and a Deep Dive on Agent Drable

Posted by Quentin Fois and Labs Team ON Jan 11, 2019

Executive Summary While reviewing some network anomalies, we recently uncovered Cold River, a sophisticated threat actor making malicious use of DNS...

Tales From the Field: The Surge of Agent Tesla

Posted by Labs Team ON Aug 28, 2018

While it is normal to see a positive trend in terms of number of artifacts analyzed by our engines, a...

Equation Editor — evading static analysis FI

Evading Static Analyzers by Solving the Equation (Editor)

Posted by Subrat Sarkar and Stefano Ortolani ON Jul 12, 2018

Introduction As part of our efforts to self-evaluate our backend systems, we closely monitor the behavioral reports produced by our dynamic...

Evasive Monero Miners: Deserting the Sandbox for Profit

Posted by Alexander Sevtsov and Stefano Ortolani ON Jun 20, 2018

Authored by: Alexander Sevtsov Edited by: Stefano Ortolani Introduction It’s not news that the cryptocurrency industry is on the rise. Mining crypto coins offers to...

Lastline Labs Blog

IQY files and Paradise Ransomware

Nemty Ransomware Scaling UP: APAC Mailboxes Swarmed by Dual Downloaders

Threat Research Report: Infostealers and self-compiling droppers set loose by an unusual spam campaign

HELO Winnti: Attack or Scan?

LockerGoga: When Ransomware Strikes Back

Reporting from Security Analyst Summit 2019

Threat Actor “Cold River”: Network Traffic Analysis and a Deep Dive on Agent Drable

Tales From the Field: The Surge of Agent Tesla

Evading Static Analyzers by Solving the Equation (Editor)

Evasive Monero Miners: Deserting the Sandbox for Profit

The Challenge of Obtaining Visibility into Cloud Security

RSA 2020: A Game of “Would You Rather”

Lastline Donating File and Artifact Analysis Service

LATEST PRESS RELEASES

Lastline Named as One of the Best Places to Work

MEDIA MENTIONS

Choosing a VPN for Added Internet Security

FROM THE BLOG

The Challenge of Obtaining Visibility into Cloud Security