Jay Rosenberg, Author at Intezer

Paleontology: The Unknown Origins of Lazarus Malware

INTRODUCTION As seen by security researchers across the world and proven in joint research by McAfee and Intezer, Lazarus, one of...

APT37: Final1stspy Reaping the FreeMilk

Researchers at Palo Alto Networks recently published a report regarding the NOKKI malware, which has shared code with KONNI and, although not in...

Intezer Analyze™ ELF Support Release: Hakai Variant Case Study

ELF SUPPORT We would like to proudly announce that Intezer Analyze™ now supports genetic malware analysis for ELF binaries! You may now...

Prince of Persia: The Sands of Foudre

Introduction In the past couple years, Palo Alto Networks reported on the “Prince of Persia” malware campaign which is believed to be...

Examining Code Reuse Reveals Undiscovered Links Among North Korea’s Malware Families

This research is a joint effort of Christiaan Beek, lead scientist & sr. principal engineer at McAfee, and Jay Rosenberg, senior security researcher...

MirageFox: APT15 Resurfaces With New Tools Based On Old Ones

APT15 Background Coincidentally, following the recent hack of a US Navy contractor and theft of highly sensitive data on submarine warfare, we...

Lazarus Group Targets More Cryptocurrency Exchanges and FinTech Companies

Introduction Cyber attacks from the Lazarus Group, a threat actor associated with North Korea, have not slowed down and their malware toolset...

2018 Winter Cyber Olympics: Code Similarities with Cyber Attacks in Pyeongchang

Olympic Code Similarities Following up on reports by McAfee and Cisco Talos related to hacking during the winter Olympics of 2018 in...

Yet Another Distraction? A New Version of North Korean Ransomware Hermes Has Emerged

Detecting Reused Ransomware Whether we’re dealing with a criminal threat actor looking to steal money from their victims using ransomware or malware...

BLOCKBUSTED: Lazarus, Blockbuster, and North Korea

As we have proven in previous research blog posts, malware authors often reuse the same code. This evolution of code and code...

IcedID Banking Trojan Shares Code with Pony 2.0 Trojan

IBM X-Force recently released an excellent report on a new banking trojan named IcedID that is being distributed using computers already infected...

Silence of the Moles

Kaspersky Labs published a technical analysis of a new malware, Silence, that is aimed at attacking financial institutions. After uploading the loader...

NotPetya Returns as Bad Rabbit

Large scale cyber attacks seem to be happening once a month these days. Originally discovered by ESET (https://www.welivesecurity.com/2017/10/24/kiev-metro-hit-new-variant-infamous-diskcoder-ransomware/), Ukrainian and Russian organizations...

Evidence Aurora Operation Still Active Part 2: More Ties Uncovered Between CCleaner Hack & Chinese Hackers

Since my last post, we have found new evidence in the next stage payloads of the CCleaner supply chain attack that provide...

Evidence Aurora Operation Still Active: Supply Chain Attack Through CCleaner

Recently, there have been a few attacks with a supply chain infection, such as Shadowpad being implanted in many of Netsarang’s products,...

© Intezer.com 2020 All rights reserved