Lucene search
K

7 matches found

Trellix
Trellix
added 2023/10/05 12:0 a.m.56 views

Storm-0324: An access for the RaaS Threat Actor (Sangria Tempest)

Storm-0324 to Sangria Tempest Leads to Ransomware Capabilities By Gurumoorthi Ramanathan · October 5, 2023 Executive Summary: In early July 2023, the threat actor that Microsoft calls “Storm-0324” was observed sending a phishing message through Microsoft Teams. Storm-0324 is a financially motivat...

8.2AI score0.12107EPSS
Exploits0
Trellix
Trellix
added 2023/10/05 12:0 a.m.36 views

Storm-0324: An access for the RaaS Threat Actor (Sangria Tempest)

Storm-0324 to Sangria Tempest Leads to Ransomware Capabilities By Trellix · October 5, 2023 This blog was written by Gurumoorthi Ramanathan Executive Summary: In early July 2023, the threat actor that Microsoft calls “Storm-0324” was observed sending a phishing message through Microsoft Teams...

7.3CVSS8.1AI score0.12107EPSS
Exploits0
hivepro
hivepro
added 2023/09/19 6:56 a.m.11 views

Attacks, Vulnerabilities and Actors 11 September to 17 September 2023

For a detailed threat digest, download the pdf file here Summary HiveForce Labs recently made several significant discoveries related to cybersecurity threats. Over the past week, a total of eight attacks were executed, along with eleven vulnerabilities discovered, and two different adversaries...

6.8AI score
Exploits0
hivepro
hivepro
added 2023/09/18 5:35 a.m.22 views

Storm-0324 Exploits Microsoft Teams Chats Deploying JSSLoader

Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary Storm-0324 is a financially motivated threat actor with a history of operations dating back to 2016. This actor has a specialization in facilitating ransomware deployments and providing access to...

6.9AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2023/09/12 5:0 p.m.93 views

Malware distributor Storm-0324 facilitates ransomware access

The threat actor that Microsoft tracks as Storm-0324 is a financially motivated group known to gain initial access using email-based initial infection vectors and then hand off access to compromised networks to other threat actors. These handoffs frequently lead to ransomware deployment. Beginnin...

4.1CVSS7.3AI score0.12107EPSS
Exploits0
Malwarebytes
Malwarebytes
added 2022/08/15 4:0 p.m.27 views

JSSLoader: the shellcode edition

The Malwarebytes Threat Intelligence team observed a malspam campaign in late June that we attribute to the FIN7 APT group. One of the samples was also reported on Twitter by Josh Trombley; during execution, it was observed to drop a secondary payload, written in .NET. Details about FIN7 campaign...

0.5AI score
Exploits0
ThreatPost
ThreatPost
added 2021/07/23 4:24 p.m.72 views

FIN7 Liquor Lure Compromises Law Firm with Backdoor

Financial cybercrime gang FIN7 has rebounded after the jailing of some key members, launching a campaign that uses as a lure a legal complaint involving the liquor company that owns Jack Daniels whiskey. The gambit successfully compromised at least one law firm, giving them a shot of the JSSLoade...

7AI score
Exploits0References7
Rows per page
Query Builder