24 matches found

Securelist
added 2 days ago, 6 views

The Gentlemen are knocking: custom backdoors and evolving tactics

Introduction: This year saw the emergence of The Gentlemen, a prominent example of a group operating under the ransomware-as-a-service (RaaS) model. Although our initial assessment suggested the group first appeared in mid-2025, it actually started ramping up its activities at the beginning of 2026...

6 AI score
Exploits 0

The Hacker News
added 2025/04/22 4:29 a.m., 50 views

Lotus Panda Hacks SE Asian Governments With Browser Stealers and Sideloaded Malware

The China-linked cyber espionage group tracked as Lotus Panda has been attributed to a campaign that compromised multiple organizations in an unnamed Southeast Asian country between August 2024 and February 2025. "Targets included a government ministry, an air traffic control organization, a...

8.8 CVSS, 9 AI score, 0.99966 EPSS
Exploits 51

hivepro
added 2023/12/26 11:14 a.m., 15 views

Muddywater Utilizes Custom Tools to Target Telecom Companies

Summary: Iranian espionage group Muddywater targeted telecommunications companies in Egypt, Sudan, and Tanzania in November 2023. The attackers employed a diverse set of tools for this activity, including leveraging the MuddyC2Go infrastructure. Additionally, they utilized the SimpleHelp remote...

7.3 AI score
Exploits 0

The Hacker News
added 2023/10/26 4:25 a.m., 53 views

YoroTrooper: Researchers Warn of Kazakhstan's Stealthy Cyber Espionage Group

A relatively new threat actor known as YoroTrooper is likely made up of operators originating from Kazakhstan. The assessment, which comes from Cisco Talos, is based on their fluency in Kazakh and Russian, use of Tenge to pay for operating infrastructure, and very limited targeting of Kazakhstani...

6.7 AI score
Exploits 0

hivepro
added 2023/02/28 11:39 a.m., 25 views

TA866 New Financially-Motivated Threat Actor Targeting US and Germany Organizations

Summary: A new financially motivated threat actor named TA866 has been active since October 2022 and targets organizations in the United States and Germany. The attack chain...

1.1 AI score
Exploits 0

Kitploit
added 2022/08/15 12:30 p.m., 30 views

RedGuard - C2 Front Flow Control Tool, Can Avoid Blue Teams, AVs, EDRs Check

0x00 Introduction. Tool introduction: RedGuard is a derivative work of the C2 facility pre-flow control technology. It has a lighter design, efficient flow interaction, and reliable compatibility with Go language development. The core problem it solves is also in the face of increasingly complex re...

6.8 AI score
Exploits 0, References 3

vulnersOsv
added 2022/05/24 5:23 p.m., 5 views

aendter.jenkins.plugins:filesystem-list-parameter-plugin (=0.0.6), com.btc.ep:btc-embeddedplatform (>=1.9.2-beta <=2.5.9) +33 more potentially affected by CVE-2020-2225 via org.jenkins-ci.plugins:matrix-project (>=1.0 <=1.14)

org.jenkins-ci.plugins:matrix-project MAVEN version =1.0, =1.9.2-beta, =0.5, =1.28, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.0, =1.4.2, =0.34, =1.561, =1.599 - org.jenkins-ci.plugins:Matrix-sorter-plugin =1.3 and more Source cves: CVE-2020-2225 Source advisory: OSV:GHSA-W43X-5F8F-686P...

5.4 CVSS, 6.4 AI score, 0.01041 EPSS
Exploits 0

vulnersOsv
added 2022/05/14 2:13 a.m., 7 views

ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +698 more potentially affected by CVE-2012-6072 via org.jenkins-ci.main:jenkins-core (>=1.396 <=1.480)

org.jenkins-ci.main:jenkins-core MAVEN version =1.396, =1.1, =0.9, =1.0, =1.0, =1.0-beta-1, =2.1, =1.0, =1.0, =0.1, =0.1, =0.17 and more Source cves: CVE-2012-6072 Source advisory: SNYK:JAVA-ORGJENKINSCIMAIN-9404603...

4.3 CVSS, 5.8 AI score, 0.01832 EPSS
Exploits 0

vulnersOsv
added 2022/05/05 2:48 a.m., 4 views

ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +745 more potentially affected by CVE-2013-0328 via org.jenkins-ci.main:jenkins-core (>=1.396 <=1.501)

org.jenkins-ci.main:jenkins-core MAVEN version =1.396, =1.1, =0.9, =1.0, =1.0, =1.0-beta-1, =2.1, =1.0, =1.0, =1.0, =0.1, =0.1, =0.17 and more Source cves: CVE-2013-0328 Source advisory: OSV:GHSA-Q5F8-FXRX-PW6F...

4.3 CVSS, 5.8 AI score, 0.01437 EPSS
Exploits 0

The Hacker News
added 2022/04/14 4:52 a.m., 77 views

U.S. Warns of APT Hackers Targeting ICS/SCADA Systems with Specialized Malware

The U.S. government on Wednesday warned of nation-state actors deploying specialized malware to maintain access to industrial control systems (ICS) and supervisory control and data acquisition (SCADA) devices. "The APT actors have developed custom-made tools for targeting ICS/SCADA devices," multiple...

5.5 CVSS, 7 AI score, 0.01349 EPSS
Exploits 1

vulnersOsv
added 2022/04/13 12:0 a.m., 4 views

com.cloudbees.jenkins.plugins:custom-tools-plugin (>=0.4 <=0.6) potentially affected by CVE-2022-29038 via org.jenkins-ci.plugins:extended-choice-parameter (=0.28)

org.jenkins-ci.plugins:extended-choice-parameter MAVEN version =0.28 is affected by a known vulnerability. The following packages have a transitive dependency on org.jenkins-ci.plugins:extended-choice-parameter and may be impacted: - com.cloudbees.jenkins.plugins:custom-tools-plugin =0.4, =0.6...

5.4 CVSS, 6 AI score, 0.00637 EPSS
Exploits 0

vulnersOsv
added 2022/03/16 12:0 a.m., 3 views

com.cloudbees.jenkins.plugins:custom-tools-plugin (>=0.4 <=0.6) potentially affected by CVE-2022-27202 via org.jenkins-ci.plugins:extended-choice-parameter (=0.28)

org.jenkins-ci.plugins:extended-choice-parameter MAVEN version =0.28 is affected by a known vulnerability. The following packages have a transitive dependency on org.jenkins-ci.plugins:extended-choice-parameter and may be impacted: - com.cloudbees.jenkins.plugins:custom-tools-plugin =0.4, =0.6...

5.4 CVSS, 6 AI score, 0.00633 EPSS
Exploits 0

vulnersOsv
added 2022/03/16 12:0 a.m., 8 views

com.cloudbees.jenkins.plugins:custom-tools-plugin (>=0.4 <=0.6) potentially affected by CVE-2022-27203 via org.jenkins-ci.plugins:extended-choice-parameter (=0.28)

org.jenkins-ci.plugins:extended-choice-parameter MAVEN version =0.28 is affected by a known vulnerability. The following packages have a transitive dependency on org.jenkins-ci.plugins:extended-choice-parameter and may be impacted: - com.cloudbees.jenkins.plugins:custom-tools-plugin =0.4, =0.6...

6.5 CVSS, 6.5 AI score, 0.01519 EPSS
Exploits 0

vulnersOsv
added 2022/03/16 12:0 a.m., 3 views

com.cloudbees.jenkins.plugins:custom-tools-plugin (>=0.4 <=0.6) potentially affected by CVE-2022-27204 via org.jenkins-ci.plugins:extended-choice-parameter (=0.28)

org.jenkins-ci.plugins:extended-choice-parameter MAVEN version =0.28 is affected by a known vulnerability. The following packages have a transitive dependency on org.jenkins-ci.plugins:extended-choice-parameter and may be impacted: - com.cloudbees.jenkins.plugins:custom-tools-plugin =0.4, =0.6...

8.8 CVSS, 7.6 AI score, 0.00555 EPSS
Exploits 0

vulnersOsv
added 2022/03/16 12:0 a.m., 5 views

com.cloudbees.jenkins.plugins:custom-tools-plugin (>=0.4 <=0.6) potentially affected by CVE-2022-27205 via org.jenkins-ci.plugins:extended-choice-parameter (=0.28)

org.jenkins-ci.plugins:extended-choice-parameter MAVEN version =0.28 is affected by a known vulnerability. The following packages have a transitive dependency on org.jenkins-ci.plugins:extended-choice-parameter and may be impacted: - com.cloudbees.jenkins.plugins:custom-tools-plugin =0.4, =0.6...

4.3 CVSS, 5.8 AI score, 0.00734 EPSS
Exploits 0

The Hacker News
added 2022/03/14 12:48 p.m., 19 views

Russian Ransomware Gang Retool Custom Hacking Tools of Other APT Groups

A Russian-speaking ransomware outfit likely targeted an unnamed entity in the gambling and gaming sector in Europe and Central America by repurposing custom tools developed by other APT groups like Iran's MuddyWater, new research has found. The unusual attack chain involved the abuse of stolen...

7.2 AI score
Exploits 0

vulnersOsv
added 2022/01/13 12:1 a.m., 7 views

aendter.jenkins.plugins:filesystem-list-parameter-plugin (=0.0.6), com.btc.ep:btc-embeddedplatform (>=1.9.2-beta <=2.5.9) +34 more potentially affected by CVE-2022-20615 via org.jenkins-ci.plugins:matrix-project (>=1.0 <=1.18)

org.jenkins-ci.plugins:matrix-project MAVEN version =1.0, =1.9.2-beta, =0.5, =1.28, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =2021.12.0, =1.0, =1.4.2, =0.34, =1.561, =1.599 and more Source cves: CVE-2022-20615 Source advisory: OSV:GHSA-VQWG-4V6F-H6X5...

5.4 CVSS, 6.6 AI score, 0.81842 EPSS
Exploits 0

Wired Threat Level
added 2021/04/21 8:39 p.m., 41 views

Palestinian Hackers Tricked Victims to Install iOS Spyware

The groups used social engineering techniques on Facebook to direct targets to a wide range of malware, including custom tools...

3.2 AI score
Exploits 0

Securelist
added 2019/04/29 8:0 a.m., 57 views

I know what you did last summer, MuddyWater blending in the crowd

Introduction: MuddyWater is an APT with a focus on governmental and telco targets in the Middle East (Iraq, Saudi Arabia, Bahrain, Jordan, Turkey and Lebanon) and also a few other countries in nearby regions (Azerbaijan, Pakistan and Afghanistan). MuddyWater first surfaced in 2017 and has been active...

7.9 AI score
Exploits 0

ThreatPost
added 2018/05/15 9:38 p.m., 11 views

Phishing Spy Campaign Targets Top Mideast Officials

Researchers have discovered a phishing campaign that infected Android devices with custom surveillance-ware bent on extracting data from top officials, primarily in the Middle East. Researchers at Lookout Security told Threatpost that the tool, dubbed Stealth Mango, has been used to collect over ...

0.9 AI score
Exploits 0, References 2