Citrix NetScaler appliances are under active attack through CVE-2025-7775 and related vulnerabilities. Even fully patched systems may already be compromised. This post explains how Nextron’s THOR provides agentless compromise detection with YARA and IOC scans — a proven method for identifying webshells, backdoors, and post-exploit artifacts. The post Detecting NetScaler Compromise with THOR During CVE-2025-7775 Attacks appeared first on Nextron Systems.| Nextron Systems
The post Advancing Detection Together: Nextron and Arctic Wolf Join Forces on Sigma appeared first on Nextron Systems.| Nextron Systems
Recent breaches show that security policies alone can’t stop attackers. Discover how compromise assessments and THOR close the gap.| www.nextron-systems.com
Many of our customers value the broad module support and high detection coverage found in our professional-grade products. However, we are also committed to continuously improving our free tools, ensuring that the gap in detection capabilities does not grow too wide.| Nextron Systems
The post Webhooks in THOR Cloud: Event-Driven Notifications and System Integration appeared first on Nextron Systems.| Nextron Systems
The post AURORA – Leveraging ETW for Advanced Threat Detection appeared first on Nextron Systems.| Nextron Systems
The post Detecting the Most Popular MITRE Persistence Method – Registry Run Keys / Startup Folder appeared first on Nextron Systems.| Nextron Systems
The recently exploited SharePoint vulnerability chain known as ToolShell (CVE-2025-53770) has shown once again that patching alone isn’t enough. Attackers gained unauthenticated remote access to vulnerable on-premises SharePoint servers, planted web shells, and exfiltrated cryptographic keys to enable further exploitation.| Nextron Systems
We are excited to announce a strategic partnership between Nextron Systems and Threatray AG. This collaboration aims to significantly enhance our existing threat detection capabilities and further improve the precision and sensitivity of our detection signatures. Nextron will leverage Threatray’s advanced Binary Intelligence Platform to refine and extend our detection rules, benefiting both our THOR and Valhalla customers, while Threatray will enhance its own platform by integrating detecti...| Nextron Systems
Discover how digital sovereignty becomes reality in cybersecurity with THOR & ASGARD - Made in Germany, forensic-ready from minute one.| www.nextron-systems.com
Antivirus engines and EDRs have their place – no doubt. But what happens when malware simply slips through their nets? What if the malicious file was never executed? What if the incident happened months ago? That’s where THOR comes in. Our compromise assessment scanner has a unique superpower: it operates where others stay blind – in the calm, post-incident stillness of a system.| Nextron Systems
We’ve released a CLI utility that converts THOR logs into a Timesketch-compatible format. This allows analysts to import and visualize THOR’s forensic findings as timestamped events on a unified timeline, together with data from other sources.| Nextron Systems
Linux PAM backdoor analysis revealing stealthy credential theft. See why AV misses them - and how THOR detects what others overlook.| www.nextron-systems.com
First detected in September 2024 and initially targeting the United States and Canada, the Nitrogen ransomware group has since expanded its reach into parts of Africa and Europe. Many of their victims remain absent from Nitrogen’s public ransomware blog and likely never will be listed. At the time of writing, ransomware.live reports 21 known victims of Nitrogen. Notably, indicators of this malware family surfaced as early as 2023, suggesting links to other ransomware infections.| Nextron Systems
Understanding how to detect obfuscated threats is key to defending against stealthy cyber attacks. Learn how THOR uncovers hidden threats.| www.nextron-systems.com