Jim Walter, Author at SentinelOne

The BLINDINGCAN RAT and Malicious North Korean Activity

Jim Walter / August 31, 2020

North Korean-backed threat groups continue to adapt and evolve; their latest campaign aims to gather intel from key defense and government contractors.

labs

The Good, the Bad and the Ugly in Cybersecurity – Week 34

Jim Walter / August 21, 2020

Cyber cops take down gang laundering $42m, Lazarus RAT targets defense/energy industries and ransomware goes offshore in attack on cruise liner operator.

Case Study Catching A Human Operated Maze Ransomware Attack In Action 1

labs

Adversary

Case Study: Catching a Human-Operated Maze Ransomware Attack In Action

Jim Walter / August 13, 2020

Maze operators tailor attacks to the victim’s environment to evade detection. We show how they operate, and reveal a decoded HDA payload among other IOCs.

Agent Tesla Old RAT Uses New Tricks To Stay On Top 4

labs

Crimeware

Agent Tesla | Old RAT Uses New Tricks to Stay on Top

Jim Walter / August 10, 2020

Aside from Dridex, Agent Tesla is the most widely used malware currently targeting businesses. We review its core functionality and latest adaptations.

labs

The Good, the Bad and the Ugly in Cybersecurity – Week 30

Jim Walter / July 24, 2020

FBI indicts two Chinese hackers, researchers uncover North Korean APT toolset and the ransomware rampage continues with hits on Argentinian ISP.

WastedLocker Ransomware Abusing ADS And NTFS File Attributes 4

labs

Crimeware

WastedLocker Ransomware: Abusing ADS and NTFS File Attributes

Jim Walter / July 23, 2020

WastedLocker is a relatively new ransomware that has been attacking high-value targets across numerous industries, including several Fortune 500 companies.

labs

The Good, the Bad and the Ugly in Cybersecurity – Week 27

Jim Walter / July 3, 2020

Notorious carder gets 9-year sentence, macOS targeted by new info-stealing ransomware, and a critical vuln exposes networks to a SAML authentication bypass.

Thanos Ransomware A Rapidly Evolving RaaS Targets Legacy AV Backup Solutions 12

labs

Crimeware

Thanos Ransomware | RIPlace, Bootlocker and More Added to Feature Set

Jim Walter / July 1, 2020

Thanos Ransomware has developed rapidly over the last 6 months, offering a customized RaaS tool with an expanding feature set to build unique payloads.

labs

The Good, the Bad and the Ugly in Cybersecurity – Week 25

Jim Walter / June 19, 2020

Cyber criminal receives maximum sentence for DDoS attacks, multiple vulns found in widely-used TCP/IP stack and Thanos ransomware evades AV with RIPlace.

labs

The Good, the Bad and the Ugly in Cybersecurity – Week 23

Jim Walter / June 5, 2020

CISA launch first of six essential security tips for leaders, researchers reveal critical flaw in VMWare, and DoppelPaymer claim theft of NASA, SpaceX data.