Lucene search
K

11 matches found

The Hacker News
The Hacker News
added 2025/04/28 12:18 p.m.50 views

⚡ Weekly Recap: Critical SAP Exploit, AI-Powered Phishing, Major Breaches, New CVEs & More

What happens when cybercriminals no longer need deep skills to breach your defenses? Today's attackers are armed with powerful tools that do the heavy lifting — from AI-powered phishing kits to large botnets ready to strike. And they're not just after big corporations. Anyone can be a target when...

9.3CVSS9.4AI score0.99972EPSS
Exploits75
The Hacker News
The Hacker News
added 2024/09/05 7:45 a.m.12 views

Malware Attackers Using MacroPack to Deliver Havoc, Brute Ratel, and PhantomCore

Threat actors are likely employing a tool designated for red teaming exercises to serve malware, according to new findings from Cisco Talos. The program in question is a payload generation framework called MacroPack, which is used to generate Office documents, Visual Basic scripts, Windows...

7.6AI score
Exploits0
Talos Blog
Talos Blog
added 2024/09/03 12:0 p.m.15 views

Threat actors using MacroPack to deploy Brute Ratel, Havoc and PhantomCore payloads

Cisco Talos recently discovered several related Microsoft Office documents uploaded to VirusTotal by various actors between May and July 2024 that were all generated by a version of a payload generator framework called "MacroPack." MacroPack is a framework designated for Red Team exercises, but w...

7.6AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2024/07/24 1:0 p.m.21 views

Malware Campaign Lures Users With Fake W2 Form

The following analysts contributed to the research: Evan McCann, Matt Smith, Ipek Solak, Jake McMahon Rapid7 has recently observed an campaign targeting users searching for W2 forms using the Microsoft search engine Bing. Users are subsequently directed to a fake IRS website, enticing them to...

7.6AI score
Exploits0
The Hacker News
The Hacker News
added 2024/07/24 9:43 a.m.21 views

Patchwork Hackers Target Bhutan with Advanced Brute Ratel C4 Tool

The threat actor known as Patchwork has been linked to a cyber attack targeting entities with ties to Bhutan to deliver the Brute Ratel C4 framework and an updated version of a backdoor called PGoShell. The development marks the first time the adversary has been observed using the red teaming...

7.7AI score
Exploits0
The Hacker News
The Hacker News
added 2023/01/27 11:53 a.m.2 views

Researchers Discover New PlugX Malware Variant Spreading via Removable USB Devices

Cybersecurity researchers have uncovered a PlugX sample that employs sneaky methods to infect attached removable USB media devices in order to propagate the malware to additional systems. "This PlugX variant is wormable and infects USB devices in such a way that it conceals itself from the Window...

7.1AI score
Exploits0
Talos Blog
Talos Blog
added 2022/10/25 12:0 p.m.72 views

Quarterly Report: Incident Response Trends in Q3 2022

Ransomware and pre-ransomware engagements make up 40 percent of threats seen this quarter By Caitlin Huey. For the first time since compiling these reports, Cisco Talos Incident Response saw an equal number of ransomware and pre-ransomware engagements, making up nearly 40 percent of threats this...

9.3CVSS0.6AI score0.99999EPSS
Exploits428
The Hacker News
The Hacker News
added 2022/10/17 12:54 p.m.46 views

Black Basta Ransomware Hackers Infiltrate Networks via Qakbot to Deploy Brute Ratel C4

The threat actors behind the Black Basta ransomware family have been observed using the Qakbot trojan to deploy the Brute Ratel C4 framework as a second-stage payload in recent attacks. The development marks the first time the nascent adversary simulation software is being delivered via a Qakbot...

0.2AI score
Exploits0
Trend Micro Simply Security
Trend Micro Simply Security
added 2022/10/12 12:0 a.m.7 views

Black Basta Ransomware Gang Infiltrates Networks via QAKBOT, Brute Ratel, and Cobalt Strike

We analyzed a QAKBOT-related case leading to a Brute Ratel C4 and Cobalt Strike payload that can be attributed to the threat actors behind the Black Basta ransomware...

5.1AI score
Exploits0
Trend Micro Simply Security
Trend Micro Simply Security
added 2022/10/12 12:0 a.m.8 views

Black Basta Ransomware Gang Infiltrates networks via QAKBOT, Brute Ratel, and Cobalt Strike

We analyzed a QAKBOT-related case leading to a Brute Ratel C4 and Cobalt Strike payload that can be attributed to the threat actors behind the Black Basta ransomware...

5.1AI score
Exploits0
The Hacker News
The Hacker News
added 2022/07/06 12:28 p.m.34 views

Hackers Abusing BRc4 Red Team Penetration Tool in Attacks to Evade Detection

Malicious actors have been observed abusing legitimate adversary simulation software in their attacks in an attempt to stay under the radar and evade detection. Palo Alto Networks Unit 42 said a malware sample uploaded to the VirusTotal database on May 19, 2022, contained a payload associated wit...

0.3AI score
Exploits0
Rows per page
Query Builder