Threat Alerts
OpenText Managed Security Services soar in Top 250
By 2025, according to Gartner Market Guide for Managed Detection and Response Services (February 2023), we foresee a significant shift:…
Dissecting IcedID behavior on an infected endpoint
IcedID, also known as BokBot, is a banking trojan that was first discovered in 2017. It targets a victim’s financial…
OpenText is a leader in Detection and Response
MITRE Engenuity released today the results of its first ATT&CK Evaluations for Managed Services. OpenText™ joins the top tier with…
Targeted DFIR evidence collections
During or after an incident, there may be a need for forensic analysis on the endpoints involved in a breach…
NetSupport Remote Access Trojan (RAT) delivered through fake browser updates by SocGholish threat actors
The SocGholish campaign is suspected to be linked to the Russian threat actor known as “Evil Corp”. The threat actors…
Dissecting Netwire Remote Access Trojan (RAT) behavior on an infected endpoint
Netwire is a Remote Access Trojan (RAT) capable of stealing passwords and keylogging, and it includes remote control capabilities. Netwire RAT has…
Enabling Security Partners on MxDR Services
OpenText offers exciting opportunities for resellers, technology providers and service organizations to capture their share of the multi-billion US$ Information…
Maintaining heightened cyber safety during uncertain times
Situation overview: Russia’s invasion of Ukraine is a prime example of one nation employing a combination of traditional weaponry and…
Stopping Remote Access Trojans (RATs) in their tracks with OpenText MDR
In 2012, we saw the first release of the Adwind malware family, which were Java-based remote access tools (RATs) called…
Log4j vulnerability explained and how to respond
On December 10th, warnings of the zero-day vulnerability found in the Java logging library, Apache Log4j 2.x, began to emerge.…
Launch extended detection and response steps to manage Log4j vulnerability
Threat hunts must include cloud, network, endpoint, log and email vectors. Note: OpenText™ Security reports that there is no Log4j…
Kaseya VSA Zero-Day Supply Chain Ransomware Attack
Attackers carried out a supply chain ransomware attack by leveraging a zero-day vulnerability in Kaseya’s VSA software on Friday July…
JBS Ransomware attack highlights need for early detection and rapid response
Over the past couple of months, cyber-criminals have targeted organizations critical to our supply chain. The most recent of these…
Threat alerts
December 2021. December 14, 2021: Log4j. Summary: Top US cybersecurity officials have warned of the zero-day vulnerability found in the…
RIG Exploit Kits exploit Internet Explorer delivering Dridex Trojan
The RIG Exploit Kit (EK), which was discovered in 2014, is known to exploit vulnerabilities in Microsoft’s Internet Explorer browser…
Addressing cyber resilience gaps across key infrastructure assets
The ransomware attack on Colonial Pipeline was yet another wake-up call for critical infrastructure and supply chains to rethink their approach…
Lessons from the SolarWinds attack: How to protect your business
By the time it was discovered in December, the SolarWinds cyber attack had evaded the security defenses of and penetrated…