Introducing the InQuest Malware Discovery Engine (MDE), a new default-on static analysis integration designed to identify malicious logic embedded in the most commonly used file types. Alerts from this subsystem are automatically factored into the InQuest Threat Score Engine to produce our File and Session Threat Scores.

MDE leverages the AV community to identify garden-variety malware quickly, so InQuest can focus on the hard-to-detect threats targeting your enterprise.


Latest InQuest™ Blog Posts

ZLoader 4.0 Macrosheets Evolution

Posted on 2020-05-06 by William MacArthur, Amirreza Niakanlahiji, and Pedram Amini

In this blog, we dissect a novel and stealthy Excel Macrosheet-fueled malware campaign that currently bypasses most protection stacks to deliver ZLoader to its victims. We trace the earliest occurrence to Monday, May 4th (Star Wars Day), and continue to actively track this evolving campaign.


Detecting Coercive Lures with OCR

Posted on 2020-05-12 by Josiah Smith

Beyond identifying, extracting, and exposing malicious content from hundreds of file types, InQuest Deep File Inspection (DFI) utilizes machine vision and optical character recognition (OCR) to identify the social engineering component of a variety of malware lures. This is one of the myriad techniques that we employ to detect novel malware that may leverage previously unseen pivots.

InQuest™ Labs Research Spotlight

Macrome

An Excel Macro Document Reader/Writer for Red Teamers & Analysts.


predict-malicious-cyber-connections

Predict whether internet traffic is malicious given historical router traffic data.


PeaceMaker

PeaceMaker Threat Detection is a Windows kernel-based application that detects advanced techniques used by malware.

Global Security Events

Ransomware gang asks $42m from NY law firm, threatens to leak dirt on Trump

The criminal group behind the REvil (Sodinokibi) ransomware is extorting a New York-based law firm, threatening to release sensitive files on the company's celebrity clients unless the firm pays a whopping $42 million ransom demand.


Texas Courts Won’t Pay Up in Ransomware Attack

A ransomware attack has hit the information technology office that supports Texas appellate courts and judicial agencies, leading to their websites and computer servers being shut down. The office said that it would not pay the ransom.


Ransomware Attackers Exfiltrate Data From Magellan Health

Magellan Health, a U.S. managed care company that focuses on specialty areas of healthcare, says it was hit by a ransomware attack that involved the exfiltration of specific employee data.

InQuest™ Insider - Your monthly resource for the latest in cyber security news, trends, tips and tools. Subscribe here.
Copyright © InQuest™ 2019