July 11, 2020

The Domain Generation Algorithm of BazarBackdoor

BazarBackdoor (also known as BazarLoader or Team9Backdoor) is a module of the dreaded TrickBot Trojan. It is mostly used to gain a foothold in compromised enterprise […]
July 13, 2020

AA20-195A: Critical Vulnerability in SAP NetWeaver AS Java

Original release date: July 13, 2020. Summary: On July 13, 2020 EST, SAP released a security update to address a critical vulnerability, CVE-2020-6287, affecting the SAP […]
July 15, 2020

The Defective Domain Generation Algorithm of BazarBackdoor

This blog post is about the faulty domain generation algorithm found in some BazarBackdoor samples. The DGA not only uses an invalid TLD, it also occasionally […]
July 16, 2020

AA20-198A: Malicious Cyber Actor Use of Network Tunneling and Spoofing to Obfuscate Geolocation

Original release date: July 16, 2020. Summary: This Activity Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK™) and Pre-ATT&CK frameworks. See the MITRE […]