unSafe.sh - Not Safe
Release Highlights: VMRay Platform 2025.2.0
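The VMRay Platform adds SVG file analysis, improving detection of SVG-based phishing attacks; optimizes the dynamic analysis engine to better identify advanced injection techniques such as DLL hollowing; extends the Geofence VPN feature with three new endpoints in the EU cloud: Norway, Portugal and Australia; and optimizes Live Interaction analysis prioritization to improve the user experience....
2025-5-9 14:30:49 | Views: 7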
VMRay - www.vmray.com
analysis
vmray
threats
cloud
phishing
Rethinking Cyber Threat Intelligence: A Strategic Shift Toward Resilience
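The article discusses the limitations of traditional cyber threat intelligence (CTI) strategies and their impact on organizational security. The author notes that current CTI is reactive, relies on stale data, draws on fragmented sources, lacks automation and lacks context, and proposes a modern CTI strategy that is real-time, automated and context-driven to improve threat detection and response. By introducing a CTI maturity model, organizations can systematically assess and improve their threat intelligence capabilities and build stronger cyber resilience....
2025-5-8 08:5:7 | Views: 16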
VMRay - www.vmray.com
cti
security
threats
strategic
resilience
Malware Obfuscation Techniques: Advanced Detection & Prevention Strategies
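The article discusses the core goals of malware obfuscation techniques and their multi-layer implementation (at the code, binary, network and behavior levels), and introduces common techniques such as string obfuscation and Base64 encoding. It also analyzes the limitations of traditional detection methods and the more advanced detection approaches (such as dynamic analysis and memory forensics), and finally emphasizes the effectiveness of the VMRay platform (DeepResponse and TotalInsight) against complex obfuscation techniques....
2025-4-15 19:58:36 | Views: 23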
VMRay - www.vmray.com
analysis
vmray
security
monitoring
network
March 2025 Detection Highlights: Detecting CPU Property Queries and Another Month of YARA Rules.
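In March 2025 the VMRay Labs team focused on improving threat identifiers (VTIs) to detect CPU property queries, enhancing AutoUI to handle cloud storage files, and updating 30 YARA rules to cover more malware types....
2025-4-2 10:17:22 | Views: 16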
VMRay - www.vmray.com
security
attackers
malicious
stealer
ransomware
How Northwestern Mutual accelerated threat investigation with VMRay
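Northwestern Mutual optimized its threat investigation process by adopting VMRay technology, cutting investigation time from 24 hours to a few minutes and significantly reducing the false-positive rate. The solution combines deep analysis with real-time threat intelligence while ensuring data privacy compliance....
2025-3-19 08:36:12 | Views: 21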
VMRay - www.vmray.com
vmray
mutual
accuracy
threats
February 2025 Detection Highlights: A Record Month of New YARA Rules
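In February 2025 the VMRay Labs team focused on adding threat identifiers and updating YARA rules. They added VTIs for the interactive process hollowing technique and for Braodo information-stealing behavior, and updated more than 30 YARA rules covering downloaders, remote access trojans, stealers, backdoors and other malware. These updates improve detection capability....
2025-3-12 07:24:13 | Views: 35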
VMRay - www.vmray.com
malicious
loader
attackers
vmray
phishing
Malware & Phishing Threat Landscape Report – 2024/2
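Cyber threats continued to escalate in the second half of 2024. Attackers evaded detection with innovative techniques such as ZIP file concatenation, malicious macros and SVG phishing, and abused AI to generate sophisticated malware and phishing emails. Supply chain attacks and ransomware threats intensified, while traditional phishing combined with the trust mechanisms of social media to spread malicious programs widely. Despite the challenges, law enforcement agencies and organizations achieved some defensive successes through dynamic analysis and coordinated action....
2025-3-7 11:15:41 | Views: 10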
VMRay - www.vmray.com
malicious
phishing
attackers
security
qr
What is SEO Poisoning? A Growing Threat to Cybersecurity
Introduction: SEO poisoning, also known as search poisoning, is a cyberattack technique where t...
2025-3-6 19:31:6 | Views: 4
VMRay - www.vmray.com
poisoning
malicious
security
software
phishing
DLL Sideloading: What It Is and How to Detect It
Introduction: DLL sideloading is a widely used attack technique that exploits how Windows appli...
2025-3-6 19:31:1 | Views: 7
VMRay - www.vmray.com
sideloading
malicious
attackers
windows
security
What is Credential Harvesting? Detection & Prevention Techniques
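Credential harvesting attacks steal user credentials through phishing, malware and other means, leading to major data breaches. They are hard to detect, but anomalies can be identified through behavioral analysis and sandboxing. Implementing multi-factor authentication, strong password policies and security awareness training can effectively defend against such attacks....
2025-3-4 12:2:2 | Views: 2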
VMRay - www.vmray.com
phishing
harvesting
attackers
passwords
attacker
Actionable Threat Intelligence in Cybersecurity: A Comprehensive Guide
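The article discusses the importance of actionable intelligence in cybersecurity, emphasizing that it helps organizations respond to threats through relevance, timeliness and accuracy. VMRay provides context-rich insights and automated analysis through its solutions, helping enterprises improve their defenses....
2025-2-21 00:1:23 | Views: 10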
VMRay - www.vmray.com
vmray
actionable
threats
analysis
feeds
Release Highlights: VMRay Platform 2025.1.0
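This article introduces the first VMRay Platform update of 2025, which adds six new features and improvements: searchable threat names, detection of clipboard access, extended LNK analysis support, enhanced Geofence VPN functionality, a connector for Microsoft Defender, and the ability to extract URLs from QR codes in Office documents. These updates improve the efficiency of threat detection and analysis....
2025-2-14 12:20:16 | Views: 11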
VMRay - www.vmray.com
vmray
clipboard
malicious
conhost
security
January 2025 Detection Highlights: Entrypoint Injection, Hotlinking, and a Robust New Set of Smart Link Detonation Rules
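In January 2025 the VMRay Labs team found a number of new malware behaviors and cases of tool abuse, and added several new threat detection mechanisms. The new threat identifiers (VTIs) cover entrypoint injection, loading resources directly from public platforms, abuse of the macOS code-signing tool, enumeration of display adapters, and bring-your-own-vulnerable-driver (BYOVD) attacks. The team also improved Smart Link Detonation (SLD) and added trigger rules for spoofed senders, the e.trustifi.com domain and Yahoo affiliate links. In addition, the team added new YARA rules to detect malicious activity such as Metasploit shellcode variants, Phishkit.RandLoad and the BruteRatel C2 framework....
2025-2-11 14:18:25 | Views: 7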
VMRay - www.vmray.com
security
phishing
vti
malicious
attackers
Fully undetected Shell Script dropping macOS Atomic Stealer
VMRay Labs found a DMG file containing a malicious Shell...
2025-2-4 13:14:26 | Views: 11
VMRay - www.vmray.com
download
malicious
vmray
modifies
remained
From analysis to action: Enhancing government threat models with malware insights
A Real-World Example: Applying the Diamond Model. Let’s look at a real-life application of the Diam...
2025-1-28 15:22:6 | Views: 10
VMRay - www.vmray.com
defenses
sandboxing
diamond
phases
attackers
Heavily obfuscated batch file loads XWorm hosted on GitHub
VMRay Labs found a multi-stage obfuscated batch script...
2025-1-20 11:12:21 | Views: 13
VMRay - www.vmray.com
detections
xworm
github
marker
download
December 2024 Detection Highlights: Detecting DLL hollowing and phishing using SVGs, and an expanded set of new YARA rules
The Labs team at VMRay actively gathers publicly available data to identify any noteworthy malware...
2025-1-8 06:57:56 | Views: 12
VMRay - www.vmray.com
phishing
malicious
security
cryptbot
memory
Unveiling the Power of Threat Intelligence Platforms
In today’s hyper-connected world, the digital transformation of businesses has significantly...
2025-1-7 18:6:31 | Views: 10
VMRay - www.vmray.com
tips
vmray
security
threats
analysis
Backdoored configuration script waits until user is inactive (!) to run Linux malware
2024-12-17 14:13:39 | Views: 10
VMRay - www.vmray.com
backdoored
kills
nmon
attackers
heavy
Inside the latest phishing campaigns: dissecting CarPhish, EDG, Tpass, and Mamba2FA kits
Phishing has been known as one of the leading initial attack vectors for a long time. Here at V...
2024-12-16 09:13:43 | Views: 7
VMRay - www.vmray.com
hxxps
phishing
edg
vmray
mamba2fa