Threat researchers from the Elastic Security team recently identified a new malware campaign dubbed BLISTER. The novel malware loader was used to execute second stage malware payloads in-memory and maintain persistence. The researchers believe BLISTER was able to fly under the radar by leveraging valid code signing certificates, infecting legitimate libraries to fool machine learning models, and executing payloads in-memory. The team noted that most of the malware samples observed have little to no detections in VirusTotal. The infection vector and goals of the attackers are currently unknown.
12 Essentials for a Successful SOC Partnership
As cyber threats continue to impact businesses of all sizes, the need for round-the-clock security