
6 matches found

Talos Blog
added 2023/05/15 12:0 p.m., 25 views

Newly identified RA Group compromises companies in U.S. and South Korea with leaked Babuk source code

Cisco Talos recently discovered a new ransomware actor called RA Group that has been operating since at least April 22, 2023. The actor is swiftly expanding its operations. To date, the group has compromised three organizations in the U.S. and one in South Korea across several business verticals,...

AI score: 6.8
Exploits: 0

HackRead
added 2020/10/06 3:45 p.m., 22 views

Attacker builds malware variant with leaked Mirai source code

By Sudais Asif. The source code of Mirai was leaked in September 2016, on the hacking community Hackforums. This is a post from HackRead.com. Read the original post: Attacker builds malware variant with leaked Mirai source code...

AI score: 2.1
Exploits: 0

ThreatPost
added 2018/08/17 6:47 p.m., 10 views

Unique Malspam Campaign Uses MS Publisher to Drop a RAT on Banks

UPDATE A malspam campaign targeting a slew of banks is turning researchers’ heads with its unusual use of a Microsoft Office Publisher file to infect victims’ systems with a well-known backdoor. Researchers with Trustwave said that they have seen a spate of emails with a Microsoft Office Publishe...

AI score: 7.4
Exploits: 0, References: 5

ThreatPost
added 2017/08/29 2:54 p.m., 15 views

Revamped Nukebot Malware Changes Targets, Adds Functions

A revamped version of the Nukebot banking trojan dubbed Jimmy Nukebot has shifted focus from stealing bankcard data and now acts as a conduit for quietly downloading malicious payloads for web-injects, cryptocurrency mining, and taking screenshots of targeted systems. The code is a modification o...

AI score: 7.3
Exploits: 0, References: 5

Talos Blog
added 2017/08/18 11:15 a.m., 22 views

Threat Round-up for Aug 11 - Aug 18

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between August 11 and August 18. As with previous round-ups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavior...

AI score: 6.9
Exploits: 0

Metasploit
added 2013/06/30 3:0 p.m., 18 views

Carberp Web Panel C2 Backdoor Remote PHP Code Execution

This module exploits backdoors that can be found all over the leaked source code of the Carberp botnet C2 Web Panel. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Carberp Web Panel C2 Backdoo...

AI score: 0.5
Exploits: 0