Criminal actors are now using a bug in a legitimate driver to launch RobbinHood, a new type of ransomware that can escape detection as it operates at kernel level. Understanding how RobbinHood works is key to understanding how to stop novel kind of attacks relying on trusted components.
Fileless malware attacks are a growing concern in cyber-security with an interesting history that dates back to 2001. After remaining almost silent for several years, this type of threat began to gain fresh traction in 2014 with new concepts introduced at a fast pace. Today such attacks are so common that new strategies had to […]
Over the past 3 months ReaQta has been working closely with VirusTotal to integrate ReaQta-Hive‘s behavioral engine, today we are excited to announce that the integration is complete and available to the public. VirusTotal is a free service that analyzes files and URLs to detect malicious content, the platform is well-known among security researchers as it […]
ReaQta has found evidence of an active Gootkit trojan campaign with focus on Italian government institutions. We began tracking the campaign since the end of November 2018 and so far it showed a very low detection rate.
Proactive Threat Hunting helps in the early detection of new threats and in the discovery of weak spots that can be leveraged by an attacker to gain or maintain access to an infrastructure. Traditional IOCs, combined with ATT&CK Mitre TTPs and Artificial Intelligence for discovery of new behaviors raises the bar for the attackers, helping responders to identify […]
Mavinject is a legitimate Windows component that can be used, and abused, to perform arbitrary code injections inside any running process. As this is a common component on Windows, it can be leveraged to perform living-off-the-land attacks.
Cyber security is a hot topic. Quite frankly it always was an interesting subject, though today threats have been advancing at an alarming rate, companies are increasingly more concerned about their data, especially after the amount of data breaches reported this year and actively pursuing strategies to build better guards for their intellectual property.