Jim Walter, Author at SentinelOne

labs

CatB Ransomware | File Locker Sharpens Its Claws to Steal Data with MSDTC Service DLL Hijacking

Jim Walter / March 13, 2023

CatB ransomware abuses MSDTC service for DLL hijacking and takes a swipe at victim's mail and browser data.

OPSEC Failure Reveals Hand Of GlobeImposter Behind South Korean TZW Ransomware Campaign 4

labs

Recent TZW Campaigns Revealed As Part of GlobeImposter Malware Family

Jim Walter / February 15, 2023

Evidence of shared infrastructure and close file similarities link new TZW ransomware to a rebrand of GlobeImposter.

labs

Gotta Catch ‘Em All | Understanding the NetSupport RAT Campaigns Hiding Behind Pokemon Lures

Jim Walter / January 16, 2023

Threat actors continue to find creative ways to infect users with NetSupport RAT. Learn how to identify and prevent this remote access trojan.

labs

Venus Ransomware | Zeoticus Spin-off Shows Sophistication Isn’t Necessary for Success

Jim Walter / November 16, 2022

Learn about the uptick in activity of this recent ransomware variant that has been encrypting victims worldwide, with the latest IoCS, TTPs and analysis.

Slam Anatomy Of A Publicly Available Ransomware Builder 1

labs

From the Front Lines | Slam! Anatomy of a Publicly-Available Ransomware Builder

Jim Walter / September 15, 2022

The barrier to entry into the world of ransomware and cybercrime has never been lower, and even low-level threats can be surprisingly effective.

BlueSky Ransomware AD Lateral Movement Evasion And Fast Encryption Puts Threat On The Radar 1

labs

BlueSky Ransomware | AD Lateral Movement, Evasion and Fast Encryption Put Threat on the Radar

Jim Walter / August 25, 2022

This new ransomware threat uses multi-threaded encryption and exploits known Windows vulnerabilities to infect hosts across Active Directory.

More Evil Markets How Its Never Been Easier To Buy Initial Access To Compromised Networks By Jim Walter 6

labs

What Are Initial Access Brokers? – A Comprehensive Guide 101

Jim Walter / August 17, 2022

Take a sneak peek into the world of criminal markets, how they look on the inside, and how traders advertise and sell unauthorized access to organizations.

LockBit 3.0 Update Unpicking The Ransomwares Latest Anti Analysis And Evasion Techniques 5

labs

Crimeware

LockBit 3.0 Update | Unpicking the Ransomware’s Latest Anti-Analysis and Evasion Techniques

Jim Walter / July 21, 2022

The self-proclaimed 'oldest ransomware affiliate on the planet' has new tricks and new features and continues to beat enterprise defenses.

labs

From the Front Lines | 3 New and Emerging Ransomware Threats Striking Businesses in 2022

Jim Walter / June 22, 2022

Crimeware continues to evolve at pace with threat actors both iterating on old source code and creating new ransomware families. Stay informed, stay safe.

labs

The Good, the Bad and the Ugly in Cybersecurity – Week 5

Jim Walter / February 4, 2022

CanadaHQ darknet market operators get heavy fines, FBI warns companies of job posting scams, and Conti ransomware disrupts UK snack market.