Explore cybersecurity trends, news and insights from the experts at Black Lotus Labs, the threat research and operations arm of Lumen.
Executive Summary Last fall, Black Lotus Labs discovered in the wild what had until then only been theorized: Linux binaries were being used as loaders in Windows Subsystem for Linux (WSL). Since our initial report, Black Lotus Labs continues to […]
What Global Network Visibility Reveals about the Resurgence of One of the World’s Most Notorious Botnets Executive Summary Since its reemergence on Nov. 14, 2021, Black Lotus Labs has once again been tracking Emotet, one of the world’s most prolific […]
Executive Summary Black Lotus Labs, the threat research team of Lumen Technologies, uncovered a series of targeted actions against the Russian Federation’s Ministry of Foreign Affairs (MID). Based upon the totality of information available and the close correlation with prior […]
Executive Summary In April 2016, Microsoft shocked the PC world when it announced the Windows Subsystem for Linux (WSL). WSL is a supplemental feature that runs a Linux image in a near-native environment on Windows, allowing for functionality like command […]
Executive Summary In early June 2021, Black Lotus Labs identified ReverseRat, a remote access trojan (RAT) operated by a suspected Pakistani actor that was targeting government and energy sector organizations in South and Central Asia. After publishing our initial research, […]
Introduction “If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know […]
Introduction Last August, Black Lotus Labs participated in the DEF CON Red Team Village CTF. If that sentence reads as gobbledygook to you, read on as we unpack it. This blog will introduce CTFs and related security concepts, then show […]
Executive Summary Lumen’s Black Lotus Labs detected a new remote access trojan we’re calling ReverseRat. Based on our global telemetry and analysis, we identified that the actor is targeting government and energy organizations in the South and Central Asia regions […]
The Black Lotus Labs team at Lumen Technologies recently discovered a hacktivist campaign affecting internet-exposed routers and switches that occurred primarily on May 13, 2021. During this campaign, the threat actor abused the victims’ misconfigured Cisco Smart Install protocol, which […]
In recent years, Distributed Denial of Service (DDoS) events have become an ever-present threat, featuring attack traffic pushing to levels measured in terabits per second (Tbps). One of the key tools in the hands of cybercriminals seeking to increase the […]
