Every month the Nextron Threat Research Team (NTRT) shares insights into evasive threats that we’ve seen in the wild via our Valhalla service. The aim is to highlight interesting samples that our rules detected and that have or had very low detection rates as reported by...
Announcing the Launch of Management Center v3.0
We are pleased to announce the release of ASGARD Management Center v3.0, marking a significant update from version 2.17.2. This latest version introduces key improvements, an upgraded operating system, and advancements in time synchronization and user interface. Aimed...
New rules of the game in the fight against cybercrime
Dietzenbach, 13.02.2024 - Nextron Systems, a leading provider of innovative IT security solutions, continues its pioneering mission to combat and detect cybercrime at an early stage. As an emerging industry thought leader, Nextron is taking decisive action to protect...
End-of-Life ASGARD Analysis Cockpit Version 3
Nextron announces the end-of-sale and end-of-life dates for the ASGARD Analysis Cockpit version 3. Customers with active service contracts will continue to receive support until September 30, 2024, as shown in the table below. End of Life Announcement Date The date...
Announcing the Launch of Analysis Cockpit v4.0
We are pleased to announce the release of Analysis Cockpit v4.0, marking a significant update from version 3.10. This latest version introduces key improvements, including restructured database indices for enhanced performance, an upgraded operating system, and...
Cyber Security 2024: Key Trends Beyond the Hype
In this blog post, our threat research team presents the most critical cyber security trends for 2024. While many in the field are focusing on headline-grabbing topics like AI, our emphasis is on practical, impactful issues already shaping the cyber landscape. We...
Introducing the Nextron Community Discord Server
We are pleased to announce the launch of the Nextron Community Discord Server, a dedicated space for technical dialogue and support for Nextron's range of products. This server aims to facilitate a deeper understanding and more effective use of our solutions. Key...
Mjolnir Security: Incident Response Training – Dive Deep into Cybersecurity
We're thrilled to announce an exciting collaboration with our esteemed partner, Mjolnir Security. Immerse yourself in their renowned “Blue Team Incident Response Training” taking place from the 23rd to the 26th of October. This four-day intensive program promises a...
Detecting JanelaRAT with Yara and THOR
In recent weeks, we observed an increase in .NET-based malware using DLL sideloading. A prominent example is JanelaRAT, a recent campaign targeting Latin American FinTech users. The initial attack involves a phishing email, mainly in Portuguese. The user...
How to scan Ivanti Endpoint Manager Mobile (EPMM) / MobileIron Core for CVE-2023-35078 Exploitation
In this blog post, we address a critical security concern and explore methods for evaluating potential compromises on devices like Ivanti Endpoint Manager Mobile (EPMM) / MobileIron Core using THOR or the free THOR Lite YARA and IOC scanners. Recently, a severe remote...
How to Perform Compromise Assessments on NetScaler / Citrix ADC Appliances Using THOR
In today's interconnected world, cyber adversaries are increasingly targeting and exploiting Internet-facing appliances and devices with unconventional or restricted operating systems. A pressing concern for users is whether it's possible to perform a compromise...
Hunting Ducks – A Threat Hunters Take on Ducktail Stealer
This post will look into DuckTail Stealer and its current .NET-based payloads. The stealer is well known for targeting marketing companies. DuckTail attacks usually come via email, posing as marketing campaigns or hiring offers. They use legitimate cloud hosts like...