Lucene search
K

8 matches found

The Hacker News
The Hacker News
added 2024/06/20 8:9 a.m.25 views

New Rust-based Fickle Malware Uses PowerShell for UAC Bypass and Data Exfiltration

A new Rust-based information stealer malware called Fickle Stealer has been observed being delivered via multiple attack chains with the goal of harvesting sensitive information from compromised hosts. Fortinet FortiGuard Labs said it's aware of four different distribution methods -- namely VBA...

7AI score
Exploits0
Securelist
Securelist
added 2023/04/17 10:0 a.m.27 views

QBot banker delivered through business correspondence

In early April, we detected a significant increase in attacks that use banking Trojans of the QBot family aka QakBot, QuackBot, and Pinkslipbot. The malware would be delivered through e-mail letters written in different languages — variations of them were coming in English, German, Italian, and...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2023/01/05 8:48 a.m.30 views

The Evolving Tactics of Vidar Stealer: From Phishing Emails to Social Media

The notorious information-stealer known as Vidar is continuing to leverage popular social media services such as TikTok, Telegram, Steam, and Mastodon as an intermediate command-and-control C2 server. "When a user creates an account on an online platform, a unique account page that can be accesse...

0.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/08/03 9:25 p.m.366 views

Woody RAT: A new feature-rich malware spotted in the wild

This blog post was authored by Ankur Saini and Hossein Jazi The Malwarebytes Threat Intelligence team has identified a new Remote Access Trojan we are calling Woody Rat that has been in the wild for at least one year. This advanced custom Rat is mainly the work of a threat actor that targets...

9.3CVSS0.3AI score0.99374EPSS
Exploits62
Malwarebytes
Malwarebytes
added 2022/08/03 9:0 p.m.1191 views

Woody RAT: A new feature-rich malware spotted in the wild

This blog post was authored by Ankur Saini and Hossein Jazi The Malwarebytes Threat Intelligence team has identified a new Remote Access Trojan we are calling Woody Rat that has been in the wild for at least one year. This advanced custom Rat is mainly the work of a threat actor that targets...

9.3CVSS0.3AI score0.99374EPSS
Exploits62
Securelist
Securelist
added 2021/05/25 7:0 a.m.228 views

Evolution of JSWorm ransomware

Introduction Over the past few years, the ransomware threat landscape has been gradually changing. We have been witness to a paradigm shift. From the massive outbreaks of 2017, such as WannaCry, NotPetya, and Bad Rabbit, a lot of ransomware actors have moved to the covert but highly profitable...

7.3AI score
Exploits0
Securelist
Securelist
added 2018/07/17 10:0 a.m.39 views

The return of Fantomas, or how we deciphered Cryakl

In early February this year, Belgian police seized the C&C servers of the infamous Cryakl cryptor. Soon afterwards, they handed over the private keys to our experts, who used them to update the free RakhniDecryptor tool for recovering files encrypted by the malware. The ransomware, which for year...

0.4AI score
Exploits0
Carbon Black Blog
Carbon Black Blog
added 2017/11/02 5:0 p.m.27 views

Excerpts from The Ransomware Economy: The Ransomware Supply Chain

Carbon Black recently published an investigative report on the Dark Web marketplace for ransomware. This is an excerpt from that report, which you can find here. For more information about the rise of ransomware, and what you can do about it, check out the Ransomware Epidemic: Stop Bad Rabbit In...

6.8AI score
Exploits0
Rows per page
Query Builder