Wroba Android banking trojan targets Japan
The mobile banking trojan Wroba has been around since 2010. It previously targeted smartphone...
Anatomy of an exploit in Windows win32k – CVE-2022-21882
A new manipulation technique of window objects in kernel memory that leads to privilege escalation. The Avira Threat Protection Labs is a dedicated team, with members based around the world. Its research focuses on emerging and developing cyberthreats. Researchers from this team investigated a patched Common Vulnerability and Exposure (commonly referred to as a CVE)
Learn more
A Gafgyt variant that exploits Pulse Secure CVE-2020-8218
When the world started to work-from-home, cybercriminals changed their focus. VPN technology, such as Pulse Secure’s Connect VPN, became a focus of attacks. For example, vphishing (voice phishing) is widely used in an attempt to steal employees’ VPN credentials and access their organization’s network either…
Learn moreNews
View all
Malware Threat Report: Q3 2020 Statistics and Trends
Welcome to our Q3 2020 Malware Threat Report. Our previous malware threat report for...
Katana: a new variant of the Mirai botnet
Avira’s IoT research team has recently identified a new variant of the Mirai botnet....
How to choose a RuleSpace replacement?
URL or domain reputation – as found in Symantec’s RuleSpace web categorization database – ...
New Mirai variant targets Tea LaTeX 1.0
Introduction Avira’s IoT Labs continues to look for new variants of the Mirai botnet....
Malware Threat Report: Q2 2020 Statistics and Trends
Our malware threat report for Q1 2020 highlighted cyber threats and exploits that included,...
In depth analysis of Darkshades. A RAT infecting Android devices
‘Darkshades’ is a RAT (Remote Access Trojan) that targets Android devices. It enables criminals...
Forfiles used in a ‘living off the land’ attack to spread ransomware
Forfiles is a utility tool commonly used by Windows system administrators, but is now...