Lucene search
K

15 matches found

The Hacker News
The Hacker News
added 2026/06/03 4:29 p.m.17 views

Google DoubleClick Abused in New Malspam Campaign to Deliver .NET Loader

Cybersecurity researchers have flagged a new malspam campaign that makes use of Google's DoubleClick domain as a way to evade detection and ultimately deliver an unidentified .NET-based loader. "Before the victim ever reaches attacker-controlled infrastructure, the lure routes through DoubleClick...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/27 12:0 a.m.7 views

Under the Hood of BlotchyQuasar: DLL-Based RAT Campaigns against Latin America

A sophisticated malspam campaign was recently uncovered targeting Latin American countries, with a particular focus on Brazil. This operation utilizes a highly deceptive phishing email to trick users into executing a malicious MSI file, initiating a multi-stage infection. The core of the attack...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2023/08/29 2:38 p.m.69 views

DarkGate Malware Activity Spikes as Developer Rents Out Malware to Affiliates

A new malspam campaign has been observed deploying an off-the-shelf malware called DarkGate. "The current spike in DarkGate malware activity is plausible given the fact that the developer of the malware has recently started to rent out the malware to a limited number of affiliates," Telekom...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2022/11/21 2:24 p.m.51 views

Notorious Emotet Malware Returns With High-Volume Malspam Campaign

The notorious Emotet malware has returned with renewed vigor as part of a high-volume malspam campaign designed to drop payloads like IcedID and Bumblebee. "Hundreds of thousands of emails per day" have been sent since early November 2022, enterprise security company Proofpoint said last week,...

0.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/08/15 4:0 p.m.49 views

JSSLoader: the shellcode edition

The Malwarebytes Threat Intelligence team observed a malspam campaign in late June that we attribute to the FIN7 APT group. One of the samples was also reported on Twitter by Josh Trombley; during execution, it was observed to drop a secondary payload, written in .NET. Details about FIN7 campaign...

0.5AI score
Exploits0
The Hacker News
The Hacker News
added 2021/01/06 2:0 p.m.46 views

Hackers Using Fake Trump's Scandal Video to Spread QNode Malware

Cybesecurity researchers today revealed a new malspam campaign that distributes a remote access Trojan RAT by purporting to contain a sex scandal video of U.S. President Donald Trump. The emails, which carry with the subject line "GOOD LOAN OFFER!!," come attached with a Java archive JAR file...

0.4AI score
Exploits0
The Hacker News
The Hacker News
added 2021/01/06 2:0 p.m.5 views

Hackers Using Fake Trump's Scandal Video to Spread QNode Malware

Cybesecurity researchers today revealed a new malspam campaign that distributes a remote access Trojan RAT by purporting to contain a sex scandal video of U.S. President Donald Trump. The emails, which carry with the subject line "GOOD LOAN OFFER!!," come attached with a Java archive JAR file...

5.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/11/04 8:10 p.m.27 views

QBot Trojan delivered via malspam campaign exploiting US election uncertainties

This blog post was authored by Jérôme Segura and Hossein Jazi. The 2020 US elections have been the subject of intense scrutiny and emotions, while happening in the middle of a global pandemic. As election night ended and uncertainty regarding the results began to creep in, threat actors decided t...

0.2AI score
Exploits0
ThreatPost
ThreatPost
added 2020/06/11 8:59 p.m.90 views

Black Lives Matter Emails Deliver TrickBot Malware

Cyberattackers are seizing upon the 24-hour news cycle again in order to capitalize on the current zeitgeist – this time with a fake Black Lives Matter malspam campaign that distributes the TrickBot malware. According to Swiss security firm Abuse.ch, threat actors are posing as government...

Exploits0References13
ThreatPost
ThreatPost
added 2020/04/17 2:33 p.m.80 views

Hackers Update Age-Old Excel 4.0 Macro Attack

Hackers have updated the age-old Excel malware attack technique with a new passwordless twist. Researchers have identified a new method that no longer requires victims to enter a password to open a danger document, more readily exposing them to potential malware infection. Researchers from securi...

7AI score
Exploits0References9
Talos Blog
Talos Blog
added 2019/11/05 8:23 a.m.76 views

How adversaries use politics for compromise

By Nick Biasini and Edmund Brumaghin. Executive Summary With the U.S. presidential primaries just around the corner, even malware authors can't help but get behind the frenzy. Cisco Talos recently discovered several malware distribution campaigns where the adversaries were utilizing the names and...

0.2AI score
Exploits0
The Hacker News
The Hacker News
added 2019/03/15 8:0 a.m.3 views

Patched WinRAR Bug Still Under Active Attack—Thanks to No Auto-Updates

Various cyber criminal groups and individual hackers are still exploiting a recently patched critical code execution vulnerability in WinRAR, a popular Windows file compression application with 500 million users worldwide. Why? Because the WinRAR software doesn't have an auto-update feature, whic...

7.8CVSS7.5AI score0.96274EPSS
Exploits13
The Hacker News
The Hacker News
added 2019/02/26 1:40 p.m.4 views

Latest WinRAR Flaw Being Exploited in the Wild to Hack Windows Computers

It's not just the critical Drupal vulnerability that is being exploited by in the wild cybercriminals to attack vulnerable websites that have not yet applied patches already available by its developers, but hackers are also exploiting a critical WinRAR vulnerability that was also revealed last...

7.8CVSS9.9AI score0.96274EPSS
Exploits13
ThreatPost
ThreatPost
added 2018/07/27 8:41 p.m.412 views

FELIXROOT Backdoor Resurfaces in Environmental Spam Campaign

After a few months of absence, the FELIXROOT backdoor malware has been spotted in a fresh malspam campaign. The campaign uses weaponized lure documents claiming to contain seminar information on environmental protection efforts. This backdoor has a range of functions, including the ability to...

9.3CVSS1.8AI score0.99945EPSS
Exploits62References4
Malwarebytes
Malwarebytes
added 2018/05/07 5:18 p.m.62 views

A week in security (April 30 – May 6)

Last week on Labs, we examined the Spartacus ransomware, reported about a new tactic used by the Necurs malspam campaign, informed you about the recommended Twitter password change, and discussed engaging students to start considering careers in cybersecurity. Other news NTML credentials can be...

1AI score
Exploits0
Rows per page
Query Builder