
Introducing LevelBlue Labs: Threat Intelligence Team Finds Evasive Loader Targeting Chinese-Speaking Victims


Business Wire

LevelBlue threat researchers discover new “SquidLoader” malware, with advanced techniques to evade debuggers and static analysis, using Cobalt Strike as a final payload

DALLAS: LevelBlue, a leading provider of managed security services, strategic consulting, and threat intelligence, today released new research from LevelBlue Labs, the company’s global team of threat researchers and data scientists who regularly analyze one of the largest collections of threat data in the world.

LevelBlue Labs discovered a new malware loader, dubbed “SquidLoader,” delivered via phishing attachments. The campaign was first observed in late April 2024, when the team uncovered SquidLoader using several advanced techniques to avoid being statically or dynamically analyzed for at least a month. The final payload is a Cobalt Strike sample, and based on its configuration, LevelBlue Labs assessed that this same threat actor has been mainly targeting Chinese-speaking victims sporadically over the past two years.

“The SquidLoader sample makes a clear effort to avoid detection, as well as static and dynamic analysis,” said Fernando Dominguez, Principal Security Researcher at LevelBlue Labs. “We do not have enough findings to classify this threat actor as an advanced persistent threat (APT), but the techniques being observed by SquidLoader are those that are typically used by a persistent APT.”

To protect against SquidLoader, organizations are advised to use increased vigilance against phishing attempts, including not opening attachments or clicking links from untrusted senders. They should always check that a sender is trusted and is who they say they are, and that the communication is expected, especially if there is an attachment in the correspondence.

LevelBlue Labs delivers continuous, tactical threat intelligence that powers LevelBlue’s USM Anywhere platform, helping to better inform cybersecurity teams and fortify their organizations’ defenses against the latest threats. LevelBlue threat researchers have unrivaled visibility into the global threat landscape through insight from analysts at four global Security Operations Center locations and three global Network Operation Centers operated 24 hours per day and 365 days per year.

“LevelBlue Labs’ latest research is yet another example of our team providing the most timely and tactical threat intelligence on the market today,” said Sundhar Annamalai, President of LevelBlue. “Our continuously updated, integrated threat intelligence helps cybersecurity teams quickly prioritize and address the most critical threats targeting their business – ultimately minimizing noise, false alarms and burnout.”

For more information on SquidLoader, please read the full technical blog here. For more details on LevelBlue Labs and how your organization can be empowered by the team’s threat intelligence, please click here.

About LevelBlue

We simplify cybersecurity through award-winning managed services, experienced strategic consulting, threat intelligence and renowned research. Our team is a seamless extension of yours, providing transparency and visibility into security posture and continuously working to strengthen it.

We harness security data from numerous sources and enrich it with artificial intelligence to deliver real-time threat intelligence, which enables more accurate and precise decision making. With a large, always-on global presence, LevelBlue sets the standard for cybersecurity today and tomorrow. We easily and effectively manage risk, so you can focus on your business.

Welcome to LevelBlue. Cybersecurity. Simplified. Learn more at www.levelblue.com.

Source: Business Wire
