
1667 matches found

Trellix
added 2022/02/17 12:0 a.m., 16 views

Looking Over the Nation-State Actors’ Shoulders

Looking over the nation-state actors’ shoulders: Even they have a difficult day sometimes By Trellix and Marc Elias · February 17, 2022 Have you ever been curious about how nation-state actors operate and what their day-to-day work looks like? This blog reveals some of these details observed base...

0.4 AI score
Exploits 0

Trellix
added 2022/02/17 12:0 a.m., 10 views

Looking Over the Nation-State Actors’ Shoulders

Looking over the nation-state actors’ shoulders: Even they have a difficult day sometimes By Trellix and Marc Elias · February 17, 2022 Have you ever been curious about how nation-state actors operate and what their day-to-day work looks like? This blog reveals some of these details observed base...

8.3 AI score
Exploits 0

The Hacker News
added 2022/02/16 2:3 p.m., 33 views

TrickBot Malware Targeted Customers of 60 High-Profile Companies Since 2020

The notorious TrickBot malware is targeting customers of 60 financial and technology companies, including cryptocurrency firms, primarily located in the U.S., even as its operators have updated the botnet with new anti-analysis features. "TrickBot is a sophisticated and versatile malware with mor...

0.9 AI score
Exploits 0

Akamai Blog
added 2022/02/10 2:0 p.m., 19 views

FritzFrog: P2P Botnet Hops Back on the Scene

FritzFrog is a peer-to-peer botnet, which means its command and control server is not limited to a single, centralized machine, but rather can be done from every machine in its distributed network. In other words, every host running the malware process becomes part of the network, and is capable ...

2 AI score
Exploits 0

hivepro
added 2022/02/07 2:23 p.m., 21 views

Iranian state-sponsored APT group MuddyWater targeting organizations via malicious executables

THREAT LEVEL: Red. United States Cyber Command (USCYBERCOM) has warned of an ongoing cyber attack by an Iranian state-sponsored actor named MuddyWater. This APT group is currently targeting Middle Eastern countries and has also targeted European and North American nations. The Iranian-backed...

0.1 AI score
Exploits 0

The Hacker News
added 2022/02/07 1:34 p.m., 30 views

New CapraRAT Android Malware Targets Indian Government and Military Personnel

A politically motivated advanced persistent threat (APT) group has expanded its malware arsenal to include a new remote access trojan (RAT) in its espionage attacks aimed at Indian military and diplomatic entities. Called CapraRAT by Trend Micro, the implant is an Android RAT that exhibits a high...

1.1 AI score
Exploits 0

Microsoft Secure
added 2022/02/02 5:0 p.m., 28 views

The evolution of a Mac trojan: UpdateAgent’s progression

Our discovery and analysis of a sophisticated Mac trojan in October exposed a year-long evolution of a malware family—and depicts the rising complexity of threats across platforms. The trojan, tracked as UpdateAgent, started as a relatively basic information-stealer but was observed distributing...

0.3 AI score
Exploits 0

Microsoft Malware Protection
added 2022/02/02 5:0 p.m., 27 views

The evolution of a Mac trojan: UpdateAgent’s progression

Our discovery and analysis of a sophisticated Mac trojan in October exposed a year-long evolution of a malware family—and depicts the rising complexity of threats across platforms. The trojan, tracked as UpdateAgent, started as a relatively basic information-stealer but was observed distributing...

0.3 AI score
Exploits 0

Malwarebytes
added 2022/02/01 11:23 a.m., 14 views

Android malware BRATA can wipe devices

Cleafy, a cybersecurity firm specializing in online fraud, has published new details about banking Trojan BRATA (Brazilian Remote Access Tool, Android), a known malware strain that first became widespread in 2019. BRATA is now being used to perform factory resets on victims' machines. It's rare for...

0.7 AI score
Exploits 0

hivepro
added 2022/01/26 5:39 a.m., 14 views

MoonBounce: New malware deployed by APT41 in UEFI firmware

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. MoonBounce is a new type of malware that hides in the most complex part of an Operating System (OS), the Basic Input Output System (BIOS) chip, and thus persists even after reinstalling your OS or formatting your hard drive...

0.5 AI score
Exploits 0

ThreatPost
added 2022/01/25 6:54 p.m., 79 views

MacOS Malware ‘DazzleSpy’ Used in Watering-Hole Attacks

A new family of cyber-espionage malware targeting macOS and delivered via a Safari exploit was used against politically active, pro-democracy residents of Hong Kong, in August watering-hole attacks initially discovered by Google TAG, researchers said on Tuesday. The watering-hole attacks – which...

9.3 CVSS, 9.2 AI score, 0.14542 EPSS
Exploits 0, References 17

Trellix
added 2022/01/25 12:0 a.m., 52 views

Prime Minister’s Office Compromised: Details of Recent Espionage Campaign

Prime Minister’s Office Compromised: Details of Recent Espionage Campaign By Marc Elias · January 25, 2022 A special thanks to Christiaan Beek, Alexandre Mundo, Leandro Velasco and Max Kersten for malware analysis and support during this investigation. Executive Summary Our Advanced Threat Resear...

0.4 AI score, 0.96843 EPSS
Exploits 38

Trellix
added 2022/01/25 12:0 a.m., 55 views

Prime Minister’s Office Compromised: Details of Recent Espionage Campaign

Prime Minister’s Office Compromised: Details of Recent Espionage Campaign By Marc Elias · January 25, 2022 A special thanks to Christiaan Beek, Alexandre Mundo, Leandro Velasco and Max Kersten for malware analysis and support during this investigation. Executive Summary Our Advanced Threat Resear...

8.8 CVSS, 9.5 AI score, 0.96843 EPSS
Exploits 38

ThreatPost
added 2022/01/24 10:0 a.m., 15 views

Unusual ‘Donald Trump’ Packer Malware Delivers RATs, Infostealers

A new .NET malware packer being used to deliver a variety of remote access trojans (RATs) and infostealers has a fixed password named after Donald Trump, giving the new find its name, “DTPacker.” DTPacker was discovered by researchers at Proofpoint who, since 2020, have observed it being used by...

7.5 AI score
Exploits 0, References 6

The Hacker News
added 2022/01/12 1:9 p.m., 23 views

Hackers Use Cloud Services to Distribute Nanocore, Netwire, and AsyncRAT Malware

Threat actors are actively incorporating public cloud services from Amazon and Microsoft into their malicious campaigns to deliver commodity remote access trojans (RATs) such as Nanocore, Netwire, and AsyncRAT to siphon sensitive information from compromised systems. The spear-phishing attacks, whi...

7.1 AI score
Exploits 0

ThreatPost
added 2021/12/23 4:0 p.m., 48 views

Telegram Abused to Steal Crypto-Wallet Credentials

Attackers are targeting crypto-wallets of Telegram users with the Echelon infostealer, in an effort aimed at defrauding new or unsuspecting users of a cryptocurrency discussion channel on the messaging platform, researchers have found. Researchers at the SafeGuard Cyber’s Division Seven threat...

7.3 AI score
Exploits 0, References 6

The Hacker News
added 2021/12/17 7:19 a.m., 480 views

New Phorpiex Botnet Variant Steals Half a Million Dollars in Cryptocurrency

Cryptocurrency users in Ethiopia, Nigeria, India, Guatemala, and the Philippines are being targeted by a new variant of the Phorpiex botnet called Twizt that has resulted in the theft of virtual coins amounting to $500,000 over the last one year. Israeli security firm Check Point Research, which...

0.5 AI score
Exploits 0

ThreatPost
added 2021/12/16 1:45 p.m., 44 views

‘DarkWatchman’ RAT Shows Evolution in Fileless Malware

A novel remote access trojan (RAT) being distributed via a Russian-language spear-phishing campaign is using unique manipulation of Windows Registry to evade most security detections, demonstrating a significant evolution in fileless malware techniques. Dubbed DarkWatchman, the RAT – discovered by...

7.5 AI score
Exploits 0, References 7

The Hacker News
added 2021/12/16 10:19 a.m., 44 views

New Fileless Malware Uses Windows Registry as Storage to Evade Detection

A new JavaScript-based remote access Trojan (RAT) propagated via a social engineering campaign has been observed employing sneaky "fileless" techniques as part of its detection-evasion methods to elude discovery and analysis. Dubbed DarkWatchman by researchers from Prevailion's Adversarial...

0.9 AI score
Exploits 0

The Hacker News
added 2021/12/07 8:14 a.m., 21 views

Microsoft Seizes 42 Malicious Web Domains Used By Chinese Hackers

Microsoft on Monday announced the seizure of 42 domains used by a China-based cyber espionage group that set its sights on organizations in the U.S. and 28 other countries pursuant to a legal warrant issued by a federal court in the U.S. state of Virginia. The Redmond company attributed the...

0.3 AI score
Exploits 0