DarkComet Spyware Resurfaces Disguised as Fake Bitcoin Wallet

Old DarkComet RAT spyware is back, hiding inside fake Bitcoin wallets and trading apps to steal credentials via keylogging...

DarkComet Server Remote File Download

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'DarkComet Server Remote File Download Exploit', 'Description' = %q This module exploits an arbitrary file download vulnerability in the DarkComet...

Threat Roundup for April 21 to April 28

Today, Talos is publishing a glimpse into the most prevalent threats weve observed between April 21 and April 28. As with previous roundups, this post isnt meant to be an in-depth analysis. Instead, this post will summarize the threats weve observed by highlighting key behavioral characteristics,...

Threat Roundup for April 7 to April 14

Today, Talos is publishing a glimpse into the most prevalent threats weve observed between April 7 and April 14. As with previous roundups, this post isnt meant to be an in-depth analysis. Instead, this post will summarize the threats weve observed by highlighting key behavioral characteristics,...

Threat Roundup for March 31 to April 7

Today, Talos is publishing a glimpse into the most prevalent threats weve observed between March 31 and April 7. As with previous roundups, this post isnt meant to be an in-depth analysis. Instead, this post will summarize the threats weve observed by highlighting key behavioral characteristics,...

Threat Roundup for March 17 to March 24

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between March 17 and March 24. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral...

Threat Round up for February 10 to February 17

Today, Talos is publishing a glimpse into the most prevalent threats weve observed between Feb. 10 and Feb. 17. As with previous roundups, this post isnt meant to be an in-depth analysis. Instead, this post will summarize the threats weve observed by highlighting key behavioral characteristics,...

Threat Round up for January 27 to February 3

Today, Talos is publishing a glimpse into the most prevalent threats weve observed between Jan. 27 and Feb. 3. As with previous roundups, this post isnt meant to be an in-depth analysis. Instead, this post will summarize the threats weve observed by highlighting key behavioral characteristics,...

Threat Roundup for October 7 to October 14

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Oct. 7 and Oct. 14. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,...

Threat Roundup for August 5 to August 12

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Aug. 5 and Aug. 12. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,...

Cybercrooks Frame Targets by Planting Fabricated Digital Evidence

Threat actors are hijacking the devices of India’s human rights lawyers, activists and defenders, planting incriminating evidence to set them up for arrest, researchers warn. The actor, dubbed ModifiedElephant, has been at it for at least 10 years, and it’s still active. It’s been shafting target...

Threat Roundup for November 15 to November 22

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Nov. 15 and Nov. 22. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics...

Threat Roundup for November 1 to November 8

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Nov. 1 and Nov. 8. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,...

Threat Roundup for October 25 to November 1

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Oct. 25 and Nov. 1. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,...

Threat Roundup for September 6 to September 13

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Sept. 6 and Sept. 13. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristic...

Exclusive: German Police Raid OmniRAT Developer and Seize Digital Assets

The German police yesterday raided the house of the developer of OmniRAT and seized his laptop, computer and mobile phones probably as part of an investigation into a recent cyber attack, a source told The Hacker News. OmniRAT made headlines in November 2015 when its developer launched it as a...

Threat Roundup for May 17 to May 24

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between May 17 and May 24. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,...

DarkComet (C2 Server) - File Upload

!/usr/bin/env python3 EDB Note: Source https://gist.github.com/PseudoLaboratories/260b6f24844785aacc1e2fb61dd05c01/259944bd94a0d289ef80b9138c1e3f97a97aa9cd from time import sleep from socket import socket, AFINET, SOCKSTREAM, error from re import search from Crypto.Cipher import ARC4 from binasci...

DarkComet (C2 Server) - File Upload

DarkComet C2 Server - File Upload !/usr/bin/env python3 EDB Note: Source https://gist.github.com/PseudoLaboratories/260b6f24844785aacc1e2fb61dd05c01/259944bd94a0d289ef80b9138c1e3f97a97aa9cd from time import sleep from socket import socket, AFINET, SOCKSTREAM, error from re import search from...

DarkComet Server 3.2 Remote File Download

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'DarkComet Server Remote File Download Exploit', 'Description' = %q This module exploits an arbitrary file download vulnerabilit...