Lucene search
K

14 matches found

Trend Micro Simply Security
Trend Micro Simply Security
added 2023/08/07 12:0 a.m.36 views

Latest Batloader Campaigns Use Pyarmor Pro for Evasion

In June 2023, Trend Micro observed an upgrade to the evasion techniques used by the Batloader initial access malware, which we’ve covered in previous blog entries...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2023/07/27 1:12 p.m.40 views

New Malvertising Campaign Distributing Trojanized IT Tools via Google and Bing Search Ads

A new malvertising campaign has been observed leveraging ads on Google Search and Bing to target users seeking IT tools like AnyDesk, Cisco AnyConnect VPN, and WinSCP, and trick them into downloading trojanized installers with an aim to breach enterprise networks and likely carry out future...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2023/05/19 6:53 a.m.38 views

Searching for AI Tools? Watch Out for Rogue Sites Distributing RedLine Malware

Malicious Google Search ads for generative AI services like OpenAI ChatGPT and Midjourney are being used to direct users to sketchy websites as part of a BATLOADER campaign designed to deliver RedLine Stealer malware. "Both AI services are extremely popular but lack first-party standalone apps...

6.5AI score
Exploits0
The Hacker News
The Hacker News
added 2023/05/19 6:53 a.m.3 views

Searching for AI Tools? Watch Out for Rogue Sites Distributing RedLine Malware

Malicious Google Search ads for generative AI services like OpenAI ChatGPT and Midjourney are being used to direct users to sketchy websites as part of a BATLOADER campaign designed to deliver RedLine Stealer malware. "Both AI services are extremely popular but lack first-party standalone apps...

6.1AI score
Exploits0
The Hacker News
The Hacker News
added 2023/03/28 9:53 a.m.3 views

Stealthy DBatLoader Malware Loader Spreading Remcos RAT and Formbook in Europe

A new phishing campaign has set its sights on European entities to distribute Remcos RAT and Formbook via a malware loader dubbed DBatLoader. "The malware payload is distributed through WordPress websites that have authorized SSL certificates, which is a common tactic used by threat actors to eva...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2023/03/11 1:32 p.m.55 views

BATLOADER Malware Uses Google Ads to Deliver Vidar Stealer and Ursnif Payloads

The malware downloader known as BATLOADER has been observed abusing Google Ads to deliver secondary payloads like Vidar Stealer and Ursnif. According to cybersecurity company eSentire, the malicious ads are used to spoof a wide range of legitimate apps and services such as Adobe, OpenAPI's ChatGP...

0.6AI score
Exploits0
hivepro
hivepro
added 2023/02/14 7:2 a.m.25 views

Actors, Threats and Vulnerabilities 6 February to 12 February 2023

For a detailed threat digest, download the pdf file here Summary For a detailed threat digest, download the pdf file here Hive Pro identified three active actors over the past week. The first, OilRig, is a well-known threat actor known for its information theft and espionage activities. The secon...

1.3AI score
Exploits0
hivepro
hivepro
added 2023/02/09 12:23 p.m.39 views

The SteelClover Group is Spreading Malware via Google Ads in Japan

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary SteelClover is a malicious attack group that has been active since 2019 and has been observed to conduct various attacks for financial gain. SteelClover recently saw a rise in malware downloading inciden...

2.7AI score
Exploits0
The Hacker News
The Hacker News
added 2023/02/03 3:3 p.m.5 views

Post-Macro World Sees Rise in Microsoft OneNote Documents Delivering Malware

In a continuing sign that threat actors are adapting well to a post-macro world, it has emerged that the use of Microsoft OneNote documents to deliver malware via phishing attacks is on the rise. Some of the notable malware families that are being distributed using this method include AsyncRAT,...

6.7AI score
Exploits0
Talos Blog
Talos Blog
added 2023/01/26 9:0 a.m.21 views

Quarterly Report: Incident Response Trends in Q4 2022

Syncro, a remote management and monitoring tool, emerges as an increasingly common tool for adversaries. By Caitlin Huey. Ransomware continued to be a top threat Cisco Talos Incident Response Talos IR responded to this quarter, with appearances from both previously seen and newly observed...

0.2AI score
Exploits0
Trend Micro Simply Security
Trend Micro Simply Security
added 2023/01/17 12:0 a.m.9 views

Batloader Malware Abuses Legitimate Tools, Uses Obfuscated JavaScript Files in Q4 2022 Attacks

We discuss the Batloader malware campaigns we observed in the last quarter of 2022, including our analysis of Water Minyades-related events This is the intrusion set we track behind the creation of Batloader...

1.2AI score
Exploits0
The Hacker News
The Hacker News
added 2022/11/19 7:24 a.m.48 views

Microsoft Warns of Hackers Using Google Ads to Distribute Royal Ransomware

A developing threat activity cluster has been found using Google Ads in one of its campaigns to distribute various post-compromise payloads, including the recently discovered Royal ransomware. Microsoft, which spotted the updated malware delivery method in late October 2022, is tracking the group...

1.2AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2022/11/17 5:0 p.m.29 views

DEV-0569 finds new ways to deliver Royal ransomware, various payloads

Recent activity from the threat actor that Microsoft tracks as DEV-0569, known to distribute various payloads, has led to the deployment of the Royal ransomware, which first emerged in September 2022 and is being distributed by multiple threat actors. Observed DEV-0569 attacks show a pattern of...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2022/02/03 10:49 a.m.35 views

New SEO Poisoning Campaign Distributing Trojanized Versions of Popular Software

An ongoing search engine optimization SEO poisoning attack campaign has been observed abusing trust in legitimate software utilities to trick users into downloading BATLOADER malware on compromised machines. "The threat actor used 'free productivity apps installation' or 'free software developmen...

1.5AI score
Exploits0
Rows per page
Query Builder