Blog

Filter: Blog - Clear Filter

Detecting JanelaRAT with Yara and THOR

In the last weeks, we observed an increase in .NET based malware using DLL sideloading. A prominent example is JanelaRAT, a recent campaign targeting Latin American FinTech users. Their initial attack involves a phishing email, mainly in Portuguese language. The user...

read more

New THOR 10.7.8 TechPreview Features

We are thrilled to unveil THOR 10.7.8, the latest version of our advanced persistent threat (APT) scanner, which brings a host of powerful features to enhance threat detection and analysis. In this blog post, we will highlight some of the notable additions that make...

read more
How to scan Docker images using THOR – Part 1

How to scan Docker images using THOR – Part 1

In this blog article, we will talk about how you can use THOR to scan Docker images. Consider the following use case:  Before using an upstream Docker image, you want to precheck it for known IOCs and backdoors. THOR can help you with this!Prerequisites Docker image...

read more
Customer Portal Upgrade – Planned Downtime

Customer Portal Upgrade – Planned Downtime

We would like to inform you that our customer portal will be undergoing a scheduled maintenance and will be temporarily unavailable on Wednesday, April 12, 2023, between 10:00am and 11:00am CEST. We apologize for any inconvenience this may cause. During this downtime,...

read more
Demystifying SIGMA Log Sources

Demystifying SIGMA Log Sources

One of the main goals of Sigma as a project and Sigma rules specifically has always been to reduce the gap that existed in the detection rules space. As maintainers of the Sigma rule repository we're always striving for reducing that gap and making robust and...

read more
GDPR Cookie Consent with Real Cookie Banner