Nextron Systems supports teams participating in Locked Shields, one of the most advanced and large-scale live-fire cyber defence exercises. Organised by the NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE), the exercise brings together multinational blue...
RegPhantom Backdoor Threat Analysis
Executive Summary: This report analyzes RegPhantom, a stealthy Windows kernel rootkit designed to give attackers code execution in kernel mode while leaving very little visible evidence behind. The malware abuses the Windows registry as a covert trigger mechanism: a...
Announcing the Release of ASGARD Analysis Cockpit v4.4
With ASGARD Analysis Cockpit 4.4, we deliver a release that clearly focuses on more efficient analysis, more precise searches, and better prioritization of relevant events. At its core, this version introduces a powerful new query language, complemented by targeted...
Free Converter Software – Convert Any System from Clean to Infected in Seconds
Over the past few months, we have analyzed many infection chains that all start in a very similar way: malicious advertisements placed on legitimate websites. These ads lure users into downloading "converter" tools that promise to convert images or documents (for...
Say hello to Nextron’s RuneAI
In our previous publication, we detailed our internal artifact-scanning service that continuously monitors packages from multiple sources to detect malicious packages and supply chain attacks. While this automated scanning capability has proven invaluable for threat...
React Server Components & Next.js Vulnerabilities – Status of Nextron Products
Over the past days, many of our customers have seen reports about a critical remote code execution vulnerability in React Server Components (CVE-2025-55182) and the related Next.js vulnerability (CVE-2025-66478). These issues have received a lot of attention and have...
Thor vs. Silver Fox – Uncovering and Defeating a Sophisticated ValleyRat Campaign
Recently, we investigated a highly sophisticated malware campaign that combines multiple layers of obfuscation, endpoint security tampering, and kernel-level tricks. The operators hide behind repackaged installers for popular tools such as Telegram, WinSCP, Google...
Beyond Availability – Forensic Backup Scanning with Veeam and THOR
As someone who has spent many years researching attacks and supporting incident response teams, I’ve seen one question come up again and again: How do we return to a verified clean state after an intrusion? In every ransomware case, in every targeted espionage...
Nextron Systems and BETTA Security join forces to strengthen organizations’ resilience against cyberattacks
After many years of successful collaboration, Nextron Systems and BETTA Security are pleased to announce a deepening of their partnership on the occasion of it-sa 2025. Nextron Systems, a software group backed by private equity investor BID Equity, has acquired a...
Visit Our Team At it-sa 2025
As a trusted provider of advanced compromise assessment tools, Nextron Systems will be present at it-sa 2025, Europe’s leading trade fair for IT security. Join us in Hall 7 at Stand 7-353 to learn more about our portfolio of forensic cybersecurity solutions developed...
Detecting NetScaler Compromise with THOR During CVE-2025-7775 Attacks
Citrix NetScaler appliances are under active attack through CVE-2025-7775 and related vulnerabilities. Even fully patched systems may already be compromised. This post explains how Nextron’s THOR provides agentless compromise detection with YARA and IOC scans — a proven method for identifying webshells, backdoors, and post-exploit artifacts.
Advancing Detection Together: Nextron and Arctic Wolf Join Forces on Sigma
We’re pleased to announce a new technology partnership between Nextron and Arctic Wolf, a global leader in security operations, and one of the world’s largest commercial Security Operations Centers (SOCs). As part of the partnership, Arctic Wolf will incorporate...
When Best Practices Aren’t Enough: UK Breaches Underscore the Importance of Compromise Assessments
Despite extensive guidance from national authorities, several prominent UK organizations have recently suffered significant cyber attacks. Incidents at Colt Technology Services, Marks & Spencer, and Flutter Entertainment demonstrate that adherence to security...
New Capabilities in THOR Lite: Archive Scanning and YARA Forge Integration
Many of our customers value the broad module support and high detection coverage found in our professional-grade products. However, we are also committed to continuously improving our free tools, ensuring that the gap in detection capabilities does not grow too wide....
Webhooks in THOR Cloud: Event-Driven Notifications and System Integration
We’re introducing Webhooks in THOR Cloud — a new feature that delivers event-driven notifications and facilitates integration with your existing systems. Webhooks allow you to subscribe to specific events and automatically receive event data as soon as those events...














