Lucene search
K

195 matches found

Trend Micro Simply Security
Trend Micro Simply Security
added 2024/04/11 12:0 a.m.15 views

Fileless Attacks Prompt Intel’s Next-Gen Security

Discover how Trend is strengthening its endpoint solutions to detect fileless attacks earlier. By leveraging Intel Threat Detection Technology, Trend enhances the scalability and resiliency of its solutions...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2024/02/01 11:22 a.m.51 views

HeadCrab 2.0 Goes Fileless, Targeting Redis Servers for Crypto Mining

Cybersecurity researchers have detailed an updated version of the malware HeadCrab that's known to target Redis database servers across the world since early September 2021. The development, which comes exactly a year after the malware was first publicly disclosed by Aqua, is a sign that the...

8.1AI score
Exploits0
hivepro
hivepro
added 2024/01/30 1:36 p.m.16 views

FAUST: A Phobos Ransomware Variant Launches Fileless Attack

Summary: FAUST ransomware, a variant of the Phobos family, exhibiting intricate deployment stages, from decoding Base64 data to injecting shellcode. Notably, it employs a fileless attack through an Office document with a VBA script, emphasizing the need for user caution with document files from...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2024/01/29 11:3 a.m.27 views

Albabat, Kasseika, Kuiper: New Ransomware Gangs Rise with Rust and Golang

Cybersecurity researchers have detected in the wild yet another variant of the Phobos ransomware family known as Faust. Fortinet FortiGuard Labs, which detailed the latest iteration of the ransomware, said it's being propagated by means of an infection that delivers a Microsoft Excel document .XL...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2024/01/25 11:30 a.m.36 views

LODEINFO Fileless Malware Evolves with Anti-Analysis and Remote Code Tricks

Cybersecurity researchers have uncovered an updated version of a backdoor called LODEINFO that's distributed via spear-phishing attacks. The findings come from Japanese company ITOCHU Cyber & Intelligence, which said the malware "has been updated with new features, as well as changes to the...

8.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/12/27 9:0 a.m.12 views

How ransomware operators try to stay under the radar

An often heard remark is that when your security solution notices a ransomware attack, it’s already too late. Theres a lot of truth in that, if you consider the encryption process to be the ransomware attack. However, these days encryption is just a part of many ransomware attacks. Some of the...

7.8AI score
Exploits0
hivepro
hivepro
added 2023/12/07 12:27 p.m.15 views

A New Face of AsyncRAT Utilizes WSF Scripts to Spread

Summary: AsyncRAT is a remote access trojan RAT malware known for stealing credentials and executing various malicious activities since 2019. Its recent variant, distributed through WSF script files, employs sophisticated fileless techniques, emphasizing the importance of user caution and robust...

7.5AI score
Exploits0
Kitploit
Kitploit
added 2023/12/03 11:30 a.m.33 views

NimExec - Fileless Command Execution For Lateral Movement In Nim

Basically, NimExec is a fileless remote command execution tool that uses The Service Control Manager Remote Protocol MS-SCMR. It changes the binary path of a random or given service run by LocalSystem to execute the given command on the target and restores it later via hand-crafted RPC packets...

8.4AI score
Exploits0References4
The Hacker News
The Hacker News
added 2023/10/12 1:17 p.m.34 views

Malicious NuGet Package Targeting .NET Developers with SeroXen RAT

A malicious package hosted on the NuGet package manager for the .NET Framework has been found to deliver a remote access trojan called SeroXen RAT. The package, named Pathoschild.Stardew.Mod.Build.Config and published by a user named Disti, is a typosquat of a legitimate package called...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2023/10/02 5:31 a.m.52 views

BunnyLoader: New Malware-as-a-Service Threat Emerges in the Cybercrime Underground

Cybersecurity experts have discovered yet another malware-as-a-service MaaS threat called BunnyLoader that's being advertised for sale on the cybercrime underground. "BunnyLoader provides various functionalities such as downloading and executing a second-stage payload, stealing browser credential...

8.3AI score
Exploits0
0day.today
0day.today
added 2023/08/21 12:0 a.m.293 views

Linux/x64 - memfd_create ELF loader Shellcode (170 bytes)

Shellcode Title: Linux/x64 - memfdcreate ELF loader 170 bytes Shellcode Author: Ivan Nikolsky enty8080 & Tomas Globis tomasglgg Tested on: Linux x8664 Shellcode Description: This shellcode attempts to establish reverse TCP connection, reads ELF length, reads ELF and maps it into the memory, creat...

7.4AI score
Exploits0
hivepro
hivepro
added 2023/07/13 1:24 p.m.19 views

New Python-Based Fileless Malware Named ‘PyLoose’ Targeting Cloud Environments

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary A new fileless attack called PyLoose targets cloud workloads by loading an XMRig Miner directly into memory using Python code and the memfd technique. This evasive attack highlights the need for advanced...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2023/07/12 7:39 a.m.27 views

Python-Based PyLoose Fileless Attack Targets Cloud Workloads for Cryptocurrency Mining

A new fileless attack dubbed PyLoose has been observed striking cloud workloads with the goal of delivering a cryptocurrency miner, new findings from Wiz reveal. "The attack consists of Python code that loads an XMRig Miner directly into memory using memfd, a known Linux fileless technique,"...

7.3AI score
Exploits0
Wiz blog
Wiz blog
added 2023/07/11 1:39 p.m.13 views

PyLoose: Python-based fileless malware targets cloud workloads to deliver cryptominer

PyLoose is a newly discovered Python-based fileless malware targeting cloud workloads. Get a breakdown of how the attack unfolds and the steps to mitigate it...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/06/30 10:15 p.m.44 views

A proxyjacking campaign is looking for vulnerable SSH servers

A researcher at Akamai has posted a blog about a worrying new trend--proxyjacking--where criminals sell your bandwidth to a third-party proxy service. To understand how proxyjacking works, well need to explain a few things. There are several legitimate services that pay users to share their surpl...

7.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/05/22 6:0 a.m.11 views

Webinar recap: EDR vs MDR for business success

Did you miss our recent webinar on EDR vs. MDR? Don't worry, we've got you covered! In this blog post, we'll be recapping the highlights and key takeaways from the webinar hosted by Marcin Kleczynski, CEO and co-founder of Malwarebytes, and featuring guest speaker Joseph Blankenship, Vice Preside...

6.9AI score
Exploits0
Trellix
Trellix
added 2023/05/21 12:0 a.m.3 views

Detecting and Visualizing Lateral Movement Attacks with Trellix Helix Connect - Part 2

Detecting and Visualizing Lateral Movement Attacks with Trellix Helix Connect - Part 2 By Maulik Maheta · May 21, 2023 This blog was also written by Chintan Shah Executive summary In the part 1 of this series we discussed in depth about the known Lateral movement attacks like abusing weak service...

7.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/05/03 10:0 a.m.16 views

Upcoming webinar: Is EDR or MDR better for your business?

Don't miss our upcoming webinar on EDR vs. MDR! In the webinar, Marcin Kleczynski, CEO and co-founder of Malwarebytes, and guest speaker Joseph Blankenship, Vice President and research director at Forrester, discuss topic such as: The difference between EDR and MDR, how EDR solutions can be...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/05/01 1:0 a.m.9 views

A week in security (April 24 -30)

Last week on Malwarebytes Labs: LockBit and Cl0p ransomware gangs actively exploiting Papercut vulnerabilities Update now: Critical flaw in VMWare Fusion and VMWare Workstation Magecart threat actor rolls out convincing modal forms Fileless attacks: How attackers evade traditional AV and how to...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/04/27 3:0 a.m.16 views

Fileless attacks: How attackers evade traditional AV and how to stop them

When you hear about malware, theres a good chance you think of sketchy executables or files with extensions like .DOCX or .PDF that, once opened, execute malicious code. These are examples of file-based attacks--and while they can be bad, theyre nothing compared to their fileless cousins. As the...

6.9AI score
Exploits0
Rows per page
Query Builder