
18 matches found

HackRead
added 2025/11/13 12:5 p.m. · 2 views

Top 3 Malware Families in Q4: How to Keep Your SOC Ready

Q3 showed sharp growth in malware activity as Lumma, AgentTesla and Xworm drove access and data theft, forcing SOC teams toward quicker behavior checks...

AI score: 7
Exploits: 0

HackRead
added 2025/05/12 4:40 p.m. · 12 views

FakeUpdates, Remcos, AgentTesla Top Malware Charts in Stealth Attack Surge

Check Point's April 2025 malware report reveals increasingly sophisticated and hidden attacks using familiar malware like FakeUpdates, Remcos,…...

AI score: 7.4
Exploits: 0

Imperva Blog
added 2023/12/14 1:48 p.m. · 50 views

Imperva Detects Undocumented 8220 Gang Activities

Imperva Threat Research has detected previously undocumented activity from the 8220 gang, which is known for the mass deployment of malware using a variety of continuously evolving TTPs. This threat actor has been known to target both Windows and Linux web servers with cryptojacking malware. In...

CVSS: 10 · AI score: 10 · EPSS: 0.94468
Exploits: 538

Talos Blog
added 2023/10/20 7:38 p.m. · 30 views

Threat Roundup for October 13 to October 20

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Oct. 13 and Oct. 20. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,...

AI score: 6.9
Exploits: 0

Talos Blog
added 2023/07/13 10:45 a.m. · 12 views

Malicious campaigns target government, military and civilian entities in Ukraine, Poland

Cisco Talos has discovered a threat actor conducting several campaigns against government entities, military organizations and civilian users in Ukraine and Poland. We judge that these operations are very likely aimed at stealing information and gaining persistent remote access. The activity we...

AI score: 7.3
Exploits: 0

Hive Pro Threat Advisories
added 2023/02/28 10:15 a.m. · 21 views

AgentTesla Trojan Returns with Phishing Campaigns Using GuLoader to Steal Secrets

Threat Level Attack Report Follow Hive Pro for a detailed threat advisory, download the pdf file here from HiveForce Labs. Summary The AgentTesla Trojan continues to pose a threat as attackers use GuLoader to deliver it in new phishing campaigns targeting various industries and countries...

AI score: 2.2
Exploits: 0

Talos Blog
added 2022/09/02 7:55 p.m. · 50 views

Threat Roundup for August 26 to September 2

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Aug. 26 and Sept. 2. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics...

AI score: 6.9
Exploits: 0

Packet Storm
added 2022/01/17 12:0 a.m. · 260 views

AgentTesla Builder Web Panel Cross Site Scripting

Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/db9629508fda139f71f625d764c7eff7.txt Contact: [email protected] Media: twitter.com/malvuln Threat: AgentTesla Builder Web Panel Vulnerability: Cross Site Scripting XSS Description: AgentTeslaBuilder...

AI score: 7.4
Exploits: 0

Packet Storm
added 2022/01/17 12:0 a.m. · 261 views

AgentTesla Builder Web Panel SQL Injection

Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/db9629508fda139f71f625d764c7eff7B.txt Contact: [email protected] Media: twitter.com/malvuln Threat: AgentTesla Builder Web Panel Vulnerability: SQL Injection Description: The AgentTeslaBuilder WebUI...

AI score: 0.5
Exploits: 0

0day.today
added 2022/01/17 12:0 a.m. · 219 views

AgentTesla Builder Web Panel Cross Site Scripting Vulnerability

Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/db9629508fda139f71f625d764c7eff7.txt Contact: email protected Media: twitter.com/malvuln Threat: AgentTesla Builder Web Panel Vulnerability: Cross Site Scripting XSS Description: AgentTeslaBuilder WebU...

AI score: 7.4
Exploits: 0

Trellix
added 2021/08/04 12:0 a.m. · 6 views

See Ya Sharp: A Loader's Tale | McAfee Blogs

ARCHIVED STORY See Ya Sharp: A Loader’s Tale Max Kersten · Aug 04, 2021 Introduction The DotNet based CyaX-Sharp loader, also known as ReZer0, is known to spread commodity malware, such as AgentTesla. In recent years, this loader has been referenced numerous times, as it was used in campaigns...

AI score: 7.1
Exploits: 0

Trellix
added 2021/08/04 12:0 a.m. · 18 views

See Ya Sharp: A Loader's Tale | McAfee Blogs

ARCHIVED STORY See Ya Sharp: A Loader’s Tale Max Kersten · Aug 04, 2021 Introduction The DotNet based CyaX-Sharp loader, also known as ReZer0, is known to spread commodity malware, such as AgentTesla. In recent years, this loader has been referenced numerous times, as it was used in campaigns...

AI score: 7.1
Exploits: 0

ThreatPost
added 2020/10/05 5:58 p.m. · 44 views

Malware Families Turn to Legit Pastebin-Like Service

Cybercriminals are increasingly turning to a legitimate, Pastebin-like web service for downloading malware — such as AgentTesla and LimeRAT — in spear-phishing attacks. Pastebin, a code-hosting service that enables users to share plain text through public posts called “pastes,” currently has 17...

AI score: 7
Exploits: 0 · References: 13

Malwarebytes
added 2020/04/16 3:55 p.m. · 33 views

New AgentTesla variant steals WiFi credentials

AgentTesla is a .Net-based infostealer that has the capability to steal data from different applications on victim machines, such as browsers, FTP clients, and file downloaders. The actor behind this malware is constantly maintaining it by adding new modules. One of the new modules that has been...

AI score: 1.1
Exploits: 0

ThreatPost
added 2019/11/15 2:48 p.m. · 69 views

Stealthy Malware Flies Under AV Radar with Advanced Obfuscation

Researchers warn hackers are putting a new spin on old injection techniques and successfully end-running endpoint protection. They are tracking a campaign, that kicked off in January, that is still going strong exploiting weaknesses in web browsers. The objective is to hide in the background of...

AI score: 0.1
Exploits: 0 · References: 6

Kitploit
added 2019/10/10 12:0 p.m. · 177 views

MalConfScan - Volatility Plugin For Extracts Configuration Data Of Known Malware

MalConfScan is a Volatility plugin extracts configuration data of known malware. Volatility is an open-source memory forensics framework for incident response and malware analysis. This tool searches for malware in memory images and dumps configuration data. In addition, this tool has a function ...

AI score: 7.4
Exploits: 0 · References: 4

myhack58
added 2019/05/28 12:0 a.m. · 310 views

Wary of the use of the Office vulnerabilities to spread commercial spyware AgentTesla-vulnerability warning-the black bar safety net

Background overview: AgentTesla was originally a simple keylogger released in 2014; in recent years its development team has constantly added many new features and put it on sale. AgentTesla has now become a commercial spyware that can be controlled by the end of the generation to meet the...

CVSS: 9.3 · AI score: 8.5 · EPSS: 0.94354
Exploits: 33

Krebs on Security
added 2018/10/22 7:55 p.m. · 70 views

Who Is Agent Tesla?

A powerful, easy-to-use password stealing program known as Agent Tesla has been infecting computers since 2014, but recently this malware strain has seen a surge in popularity -- attracting more than 6,300 customers who pay subscription fees to license the software. Although Agent Tesla includes ...

AI score: 7
Exploits: 0