Lucene search
K

7 matches found

The Hacker News
The Hacker News
added 2023/01/23 9:54 a.m.42 views

Threat Actors Turn to Sliver as Open Source Alternative to Popular C2 Frameworks

The legitimate command-and-control C2 framework known as Sliver is gaining more traction from threat actors as it emerges as an open source alternative to Cobalt Strike and Metasploit. The findings come from Cybereason, which detailed its inner workings in an exhaustive analysis last week. Sliver...

0.4AI score
Exploits0
The Hacker News
The Hacker News
added 2022/08/18 9:20 a.m.61 views

Hackers Using Bumblebee Loader to Compromise Active Directory Services

The malware loader known as Bumblebee is being increasingly co-opted by threat actors associated with BazarLoader, TrickBot, and IcedID in their campaigns to breach target networks for post-exploitation activities. "Bumblebee operators conduct intensive reconnaissance activities and redirect the...

1.1AI score
Exploits0
hivepro
hivepro
added 2022/03/23 4:17 a.m.114 views

Weekly Threat Digest: 14 – 20 March 2022

For a detailed threat digest, download the pdf file here Published Vulnerabilities Interesting Vulnerabilities Active Threat Groups Targeted Countries Targeted Industries ATT&CK TTPs 567 22 5 36 15 60 The third week of March 2022 witnessed the discovery of 567 vulnerabilities out of which 22 gain...

10CVSS0.3AI score0.99999EPSS
Exploits96
Wired Threat Level
Wired Threat Level
added 2022/03/19 1:0 p.m.7 views

TSA’s First Crack at Guarding Pipelines From Hackers Falls Short

Plus: Anonymous dedicates a hack to Hillary Clinton, Google researchers expose Exotic Lily, and more...

2.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/03/18 10:58 p.m.270 views

Meet Exotic Lily, access broker for ransomware and other malware peddlers

The Google Threat Analysis Group TAG has shared their observations about a group of cybercriminals called Exotic Lily. This group has specialized itself as an initial access broker, which means they find a vulnerability in an organizations defenses, exploit that vulnerability, and sell the access...

6.8CVSS8.1AI score0.96843EPSS
Exploits38
ThreatPost
ThreatPost
added 2022/03/18 2:49 p.m.269 views

Google Blows Lid Off Conti, Diavol Ransomware Access-Broker Ops

Google’s Threat Analysis Group TAG has provided a rare look inside the operations of a cybercriminal dubbed “Exotic Lily,” that appears to serve as an initial-access broker for both Conti and Diavol ransomware gangs. Researchers’ analysis exposes the business-like approach the group takes to...

8.8CVSS8.4AI score0.96843EPSS
Exploits38References7
The Hacker News
The Hacker News
added 2022/03/18 7:31 a.m.121 views

Google Uncovers 'Initial Access Broker' Working with Conti Ransomware Gang

Google's Threat Analysis Group TAG took the wraps off a new initial access broker that it said is closely affiliated to a Russian cyber crime gang notorious for its Conti and Diavol ransomware operations. Dubbed Exotic Lily, the financially motivated threat actor has been observed exploiting a...

8.8CVSS1.1AI score0.96843EPSS
Exploits38
Rows per page
Query Builder