Lucene search
K

35 matches found

Malwarebytes
Malwarebytes
added 2026/04/14 11:52 a.m.8 views

Omnistealer uses the blockchain to steal everything it can

A new infostealer dubbed Omnistealer is turning the blockchain into a permanent malware hosting platform, which is bad news for both companies and everyday users. It’s pretty common for malware to store its payload on a public platform, ideally one that adds some trustworthiness to the download...

6AI score
Exploits0
Trellix
Trellix
added 2025/06/24 12:0 a.m.21 views

OneClik: A ClickOnce-Based APT Campaign Targeting Energy, Oil and Gas Infrastructure

OneClik: A ClickOnce-Based APT Campaign Targeting Energy, Oil and Gas Infrastructure By Nico Paulo Yturriaga and Pham Duy Phuc · June 24, 2025 The Trellix Advanced Research Center has uncovered a sophisticated APT malware campaign that we’ve dubbed OneClik. It specifically targets the energy, oil...

8AI score
Exploits0
The Hacker News
The Hacker News
added 2025/04/02 5:55 a.m.22 views

New Malware Loaders Use Call Stack Spoofing, GitHub C2, and .NET Reactor for Stealth

Cybersecurity researchers have discovered an updated version of a malware loader called Hijack Loader that implements new features to evade detection and establish persistence on compromised systems. "Hijack Loader released a new module that implements call stack spoofing to hide the origin of...

8.3AI score
Exploits0
HackRead
HackRead
added 2025/02/04 4:47 p.m.9 views

New ValleyRAT Malware Variant Spreading via Fake Chrome Downloads

Morphisec uncovers a new ValleyRAT malware variant with advanced evasion tactics, multi-stage infection chains, and novel delivery methods…...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2024/10/24 4:38 p.m.19 views

New Qilin.B Ransomware Variant Emerges with Improved Encryption and Evasion Tactics

Cybersecurity researchers have discovered an advanced version of the Qilin ransomware sporting increased sophistication and tactics to evade detection. The new variant is being tracked by cybersecurity firm Halcyon under the moniker Qilin.B. "Notably, Qilin.B now supports AES-256-CTR encryption f...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2024/10/23 5:33 p.m.15 views

New Grandoreiro Banking Malware Variants Emerge with Advanced Tactics to Evade Detection

New variants of a banking malware called Grandoreiro have been found to adopt new tactics in an effort to bypass anti-fraud measures, indicating that the malicious software is continuing to be actively developed despite law enforcement efforts to crack down on the operation. "Only part of this ga...

7.1AI score
Exploits0
Securelist
Securelist
added 2024/07/29 10:0 a.m.18 views

Mandrake spyware sneaks onto Google Play again, flying under the radar for two years

Introduction In May 2020, Bitdefender released a white paper containing a detailed analysis of Mandrake, a sophisticated Android cyber-espionage platform, which had been active in the wild for at least four years. In April 2024, we discovered a suspicious sample that appeared to be a new version ...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2024/06/04 11:7 a.m.7 views

Hackers Use MS Excel Macro to Launch Multi-Stage Malware Attack in Ukraine

A new sophisticated cyber attack has been observed targeting endpoints geolocated to Ukraine with an aim to deploy Cobalt Strike and seize control of the compromised hosts. The attack chain, per Fortinet FortiGuard Labs, involves a Microsoft Excel file that carries an embedded VBA macro to initia...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2024/05/15 10:56 a.m.26 views

Ebury Botnet Malware Compromises 400,000 Linux Servers Over Past 14 Years

A malware botnet called Ebury is estimated to have compromised 400,000 Linux servers since 2009, out of which more than 100,000 were still compromised as of late 2023. The findings come from Slovak cybersecurity firm ESET, which characterized it as one of the most advanced server-side malware...

9.8CVSS7.3AI score0.70947EPSS
Exploits1
Kitploit
Kitploit
added 2024/04/28 12:30 p.m.60 views

CrimsonEDR - Simulate The Behavior Of AV/EDR For Malware Development Training

CrimsonEDR is an open-source project engineered to identify specific malware patterns, offering a tool for honing skills in circumventing Endpoint Detection and Response EDR. By leveraging diverse detection methods, it empowers users to deepen their understanding of security evasion tactics...

7.7AI score
Exploits0References1
Wired Threat Level
Wired Threat Level
added 2024/04/22 7:0 a.m.14 views

North Koreans Secretly Animated Amazon and Max Shows, Researchers Say

Thousands of exposed files on a misconfigured North Korean server hint at one way the reclusive country may evade international sanctions...

7.3AI score
Exploits0
Trellix
Trellix
added 2024/01/02 12:0 a.m.13 views

Saints Turned Evil

Saints Turned Evil By Daksh Kapur and Rohan Shah · January 2, 2024 This blog was also written by Sushant Kumar Arya Attribution at the Bottom As technology advances, attackers are constantly developing new evasion mechanisms to bypass security products and stay one step ahead of security vendors...

7AI score
Exploits0
Trellix
Trellix
added 2023/10/10 12:0 a.m.19 views

Peeling off QR Code Phishing Onion

Peeling off QR Code Phishing Onion: Revealing the Hidden Layers of Deceit By Neel H. Pathak and Pratik Sunil Kadam · October 10, 2023 Introduction: Malicious actors always seek innovative ways to bypass detection. The Trellix Advanced Research Center recently noticed an attack campaign with an...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2023/08/15 2:11 p.m.37 views

Monti Ransomware Returns with New Linux Variant and Enhanced Evasion Tactics

The threat actors behind the Monti ransomware have resurfaced after a two-month break with a new Linux version of the encryptor in its attacks targeting government and legal sectors. Monti emerged in June 2022, weeks after the Conti ransomware group shut down its operations, deliberately imitatin...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2023/06/20 11:55 a.m.38 views

Experts Uncover Year-Long Cyber Attack on IT Firm Utilizing Custom Malware RDStealer

A highly targeted cyber attack against an East Asian IT company involved the deployment of a custom malware written in Golang called RDStealer. "The operation was active for more than a year with the end goal of compromising credentials and data exfiltration," Bitdefender security researcher Vict...

6.9AI score
Exploits0
hivepro
hivepro
added 2023/05/25 12:58 p.m.28 views

Pikabot A Stealthy Backdoor with Ingenious Evasion Tactics

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Pikabot, a sophisticated backdoor evades analysis with anti-analysis measures like the "sleep" function, uses NtContinue API, employs language-based execution cessation, and shows connections to Qakbot...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2023/03/02 8:3 a.m.68 views

SysUpdate Malware Strikes Again with Linux Version and New Evasion Tactics

The threat actor known as Lucky Mouse has developed a Linux version of a malware toolkit called SysUpdate, expanding on its ability to target devices running the operating system. The oldest version of the updated artifact dates back to July 2022, with the malware incorporating new features...

0.4AI score
Exploits0
The Hacker News
The Hacker News
added 2023/03/02 8:3 a.m.2 views

SysUpdate Malware Strikes Again with Linux Version and New Evasion Tactics

The threat actor known as Lucky Mouse has developed a Linux version of a malware toolkit called SysUpdate, expanding on its ability to target devices running the operating system. The oldest version of the updated artifact dates back to July 2022, with the malware incorporating new features...

7.1AI score
Exploits0
ThreatPost
ThreatPost
added 2022/07/26 6:15 p.m.38 views

Novel Malware Hijacks Facebook Business Accounts

A new malware is hijacking high-profile Meta Facebook Business and advertising platform accounts through a phishing campaign that targets LinkedIn accounts. The malware, dubbed Ducktail, uses browser cookies from authenticated user sessions to take over accounts and steal data, researchers said...

7AI score
Exploits0References3
Trend Micro Simply Security
Trend Micro Simply Security
added 2022/04/05 12:0 a.m.13 views

Thwarting Loaders: From SocGholish to BLISTER’s LockBit Payload

Both BLISTER and SocGholish are loaders known for their evasion tactics. Our report details what these loaders are capable of and our investigation into a campaign that uses both to deliver the LockBit ransomware...

3.2AI score
Exploits0
Rows per page
Query Builder