Understanding the importance of web shell detection is crucial in today’s cybersecurity landscape. Traditional antivirus solutions often fall short, but specialized tools like Nextron’s THOR APT scanner provide advanced protection against these stealthy threats, ensuring comprehensive security.
Unveiling KamiKakaBot – Malware Analysis
Back in January 2023 Group-IB first reported and documented the TTPs of DarkPink, an APT group that targets the Asia-Pacific regions. We’ve been monitoring KamiKakaBot samples since September of last year. And at the start of this year in January we’ve noticed 2 new...
VALHALLA YARA and Sigma Rule Feed
Supercharge your detection with more than hand crafted, curated high quality YARA rules. VALHALLA boosts your detection capabilities with the power of thousands of hand-crafted high-quality YARA and Sigma rules. Our team curates more than...
ASGARD Management Center
Configure, schedule and control scans on up to 25,000 endpoints per instance. ASGARD Management Center also features IOC management as well as many response functions. ASGARD Management Center is the perfect incident response platform. It not only lets you execute...
Tales Of Valhalla – March 2024
Every month the Nextron Threat Research Team (NTRT) shares insights into evasive threats that we’ve seen in the wild via our Valhalla service. The aim is to highlight interesting samples our rules detected and have or had very low detection rates as reported by...
Compromise Assessment
Revolutionizing Threat Detection. Nextron Systems. Your Expert in Cyber Defense! Upgrade Your Cyber Defense. Now. With the ever-evolving cyber threat landscape, traditional IT security measures like Antivirus scanners, EDR systems, Security Monitoring, and Vulnerability...
Cyber Security 2024: Key Trends Beyond the Hype
In this blog post, our threat research team presents the most critical cyber security trends for 2024. While many in the field are focusing on headline-grabbing topics like AI, our emphasis is on practical, impactful issues already shaping the cyber landscape. We...
THOR APT Scanner
Proactively detect advanced hacker activity. THOR’s impressive detection rate is well-known in the industry. THOR is the most sophisticated and flexible compromise assessment tool on the market. Incident response engagements often begin with a group of compromised...
How to Perform Compromise Assessments on NetScaler / Citrix ADC Appliances Using THOR
In today's interconnected world, cyber adversaries are increasingly targeting and exploiting Internet-facing appliances and devices with unconventional or restricted operating systems. A pressing concern for users is whether it's possible to perform a compromise...
How to scan ESXi systems using THOR
More and more often, adversaries target and exploit Internet-facing appliances or devices with exotic or restricted operating systems. Users ask if there is a way to run a compromise assessment scan on these systems with the YARA rules used in THOR. Following up on...
Virustotal Lookups in THOR v10.7
We're glad to announce a new feature that allows users to enrich events generated by THOR with information from Virustotal. The feature is available in the full THOR v10.7 TechPreview and THOR Lite. It can be used in any scan mode: live endpoint scanning, lab...
Analyze VMware ESX Systems with THOR Thunderstorm
Since the release of THOR Thunderstorm in the summer of 2020, our customers used it to analyse a variety of systems that are usually considered as "out of scope". In some cases the EULA prevents the installation of Antivirus scanners or EDR agents. In other cases the...