Security strategies often assume that systems can be patched, upgraded, or replaced. In reality, many critical environments operate on legacy platforms where these options are impractical. Industrial control networks, healthcare systems, and government infrastructure...
Many organizations make a critical mistake when responding to actively exploited zero-day vulnerabilities: they patch but don’t investigate. Think about it this way: If your front door was left wide open for weeks, would you just lock it and walk away? If attackers...
In my 2024 article, Cyber Security 2024: Key Trends Beyond the Hype, I aimed to stay rational and avoid hype—especially around AI—and pointed out that most real-world attacks still involved unpatched systems, weak credentials, and social engineering. Over the past...
According to recent reports, cyberattacks rose by 75% in the third quarter of 2024 compared to the same period in the previous year and by 15% compared to the second quarter of 2024. This alarming trend clearly shows that companies are more than ever required to...
Introduction Lynx ransomware is a newly emerged and sophisticated malware threat that has been active since mid-2024. Lynx ransomware has claimed over 20 victims across a range of industries. Once it infiltrates a system, it encrypts critical files, appending a...
Understanding the importance of web shell detection is crucial in today’s cybersecurity landscape. Traditional antivirus solutions often fall short, but specialized tools like Nextron’s THOR APT scanner provide advanced protection against these stealthy threats, ensuring comprehensive security.
Back in January 2023 Group-IB first reported and documented the TTPs of DarkPink, an APT group that targets the Asia-Pacific regions. We’ve been monitoring KamiKakaBot samples since September of last year. And at the start of this year in January we’ve noticed 2 new...
Boost your detection capabilities with the power of thousands of hand-crafted high-quality YARA and Sigma rules.VALHALLA supercharges your detection with + YARA and + Sigma rules - hand crafted, curated and high quality. The database grows...
Configure, schedule and control scans on up to 25,000 end points per instance. ASGARD Management Center also features an IOC management as well as many response functions.ASGARD Management Center is the perfect incident response platform. It not only lets you execute...
Every month the Nextron Threat Research Team (NTRT) shares insights into evasive threats that we’ve seen in the wild via our Valhalla service. The aim is to highlight interesting samples our rules detected and have or had very low detection rates as reported by...
Revolutionizing Threat DetectionDetect what others miss with Nextron’s advanced forensic tools and compromise assessments, empowering you to uncover hidden threats.Strengthen Your Cybersecurity With Actionable Insights. Traditional security tools like Antivirus...
In this blog post, our threat research team presents the most critical cyber security trends for 2024. While many in the field are focusing on headline-grabbing topics like AI, our emphasis is on practical, impactful issues already shaping the cyber landscape. We...
THOR detects hacking traces others overlook.It closes forensic blind spots with YARA, Sigma, and custom IOCs.THOR is the most sophisticated and flexible compromise assessment tool on the market. Incident response engagements often begin with a group of compromised...
In today's interconnected world, cyber adversaries are increasingly targeting and exploiting Internet-facing appliances and devices with unconventional or restricted operating systems. A pressing concern for users is whether it's possible to perform a compromise...
More and more often, adversaries target and exploit Internet-facing appliances or devices with exotic or restricted operating systems. Users ask if there is a way to run a compromise assessment scan on these systems with the YARA rules used in THOR. Following up on...