A few days ago, I told you about Rombertik, an evasive threat that can sneak past signature antivirus, and some sandboxes. This week we also learned about a new variant of Dyre, that uses similar evasive techniques against sandboxes as well. In today’s video, learn why WatchGuard’s sandbox is not fooled by these new evasions.
(Episode Runtime: 2:42)
Direct YouTube Link: https://www.youtube.com/watch?v=RXDOyntnVnQ
- Latest Dyre variant evades sandboxes – Seculert
- Cisco’s Talos group research on evasive Rombertik – Cisco
- How WatchGuard APT Blocker catches evasive malware with LastLine – LastLine
— Corey Nachreiner, CISSP (@SecAdept)
Joe Redmon says
Don’t know if you have noticed this or not but the last screen you play on your videos that show the Watchguard logo says ‘Produced by Wathguard Technologies’ instead of Watchguard. You might want to fix that.