Lucene search
+L

97 matches found

thn
thn
added 2025/08/29 1:12 p.m.4 views

Abandoned Sogou Zhuyin Update Server Hijacked, Weaponized in Taiwan Espionage Campaign

An abandoned update server associated with input method editor IME software Sogou Zhuyin was leveraged by threat actors as part of an espionage campaign to deliver several malware families, including C6DOOR and GTELAM, in attacks primarily targeting users across Eastern Asia. "Attackers employed...

6.7AI score
Exploits0
packetstormnews
packetstormnews
added 2025/05/24 12:0 a.m.6 views

LAMDA: a Longitudinal Android Malware Benchmark for Concept Drift Analysis

Machine learning ML-based malware detection systems often fail to account for the dynamic nature of real-world training and test data distributions. In practice, these distributions evolve due to frequent changes in the Android ecosystem, adversarial development of new malware families, and the...

7.1AI score
Exploits0
thn
thn
added 2025/04/21 7:1 a.m.54 views

Hackers Abuse Russian Bulletproof Host Proton66 for Global Attacks and Malware Delivery

Cybersecurity researchers have disclosed a surge in "mass scanning, credential brute-forcing, and exploitation attempts" originating from IP addresses associated with a Russian bulletproof hosting service provider named Proton66. The activity, detected since January 8, 2025, targeted organization...

9.8CVSS8.2AI score0.98417EPSS
Exploits31
thn
thn
added 2025/04/18 12:3 p.m.63 views

Multi-Stage Malware Attack Uses .JSE and PowerShell to Deploy Agent Tesla and XLoader

A new multi-stage attack has been observed delivering malware families like Agent Tesla variants, Remcos RAT, and XLoader. "Attackers increasingly rely on such complex delivery mechanisms to evade detection, bypass traditional sandboxes, and ensure successful payload delivery and execution," Palo...

7.8CVSS7.6AI score0.73381EPSS
Exploits11
thn
thn
added 2025/03/21 11:1 a.m.37 views

China-Linked APT Aquatic Panda: 10-Month Campaign, 7 Global Targets, 5 Malware Families

The China-linked advanced persistent threat APT group known as Aquatic Panda has been linked to a "global espionage campaign" that took place in 2022 targeting seven organizations. These entities include governments, Catholic charities, non-governmental organizations NGOs, and think tanks across...

7.6AI score
Exploits0
thn
thn
added 2025/01/13 12:5 p.m.70 views

⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [13 January]

The cyber world’s been buzzing this week, and it’s all about staying ahead of the bad guys. From sneaky software bugs to advanced hacking tricks, the risks are real, but so are the ways to protect yourself. In this recap, we’ll break down what’s happening, why it matters, and what you can do to...

9.3CVSS10AI score0.99971EPSS
Exploits25
thn
thn
added 2024/11/26 10:19 a.m.20 views

Chinese Hackers Use GHOSTSPIDER Malware to Hack Telecoms Across 12+ Countries

The China-linked threat actor known as Earth Estries has been observed using a previously undocumented backdoor called GHOSTSPIDER as part of its attacks targeting Southeast Asian telecommunications companies. Trend Micro, which described the hacking group as an aggressive advanced persistent...

9.8CVSS9.8AI score0.99999EPSS
Exploits93
rapid7blog
rapid7blog
added 2024/11/12 2:0 p.m.14 views

LodaRAT: Established Malware, New Victim Patterns

Executive Summary Rapid7 has observed an ongoing malware campaign involving a new version of LodaRAT. This version possesses the ability to steal cookies and passwords from Microsoft Edge and Brave. LodaRAT, first observed in 2016, is a remote access tool RAT written in AutoIt. Development of...

7.5AI score
Exploits0
thn
thn
added 2024/10/09 1:33 p.m.24 views

N. Korean Hackers Use Fake Interviews to Infect Developers with Cross-Platform Malware

Threat actors with ties to North Korea have been observed targeting job seekers in the tech industry to deliver updated versions of known malware families tracked as BeaverTail and InvisibleFerret. The activity cluster, tracked as CL-STA-0240, is part of a campaign dubbed Contagious Interview tha...

7.2AI score
Exploits0
securelist
securelist
added 2024/09/26 8:0 a.m.7 views

Threat landscape for industrial automation systems, Q2 2024

Statistics across all threats In the second quarter of 2024, the percentage of ICS computers on which malicious objects were blocked decreased by 0.9 pp from the previous quarter to 23.5%. The percentage has decreased by 3.3 pp compared to the second quarter of 2023, when the indicator reached it...

7.3AI score
Exploits0
kitploit
kitploit
added 2024/06/24 12:30 p.m.97 views

Hfinger - Fingerprinting HTTP Requests

Tool for Fingerprinting HTTP requests of malware. Based on Tshark and written in Python3. Working prototype stage :- Its main objective is to provide unique representations fingerprints of malware requests, which help in their identification. Unique means here that each fingerprint should be seen...

7AI score
Exploits0References5
ptsecurity
ptsecurity
added 2024/06/04 12:0 a.m.8 views

PT-2024-4472

Name of the Vulnerable Software and Affected Versions GeoServer versions prior to 2.22.6 GeoServer versions prior to 2.23.6 GeoServer versions prior to 2.24.4 GeoServer versions prior to 2.25.2 Description GeoServer is an open-source server used for sharing and editing geospatial data. An issue...

10CVSS7.8AI score0.99813EPSS
Exploits25References304
securelist
securelist
added 2024/05/27 10:0 a.m.31 views

Threat landscape for industrial automation systems, Q1 2024

Global statistics Statistics across all threats In the first quarter of 2024, the percentage of ICS computers on which malicious objects were blocked decreased by 0.3 pp from the previous quarter to 24.4%. Compared to the first quarter of 2023, the percentage decreased by 1.3 pp. Percentage of IC...

7.5AI score
Exploits0
thn
thn
added 2024/05/08 10:58 a.m.24 views

Hijack Loader Malware Employs Process Hollowing, UAC Bypass in Latest Version

A newer version of a malware loader called Hijack Loader has been observed incorporating an updated set of anti-analysis techniques to fly under the radar. "These enhancements aim to increase the malware's stealthiness, thereby remaining undetected for longer periods of time," Zscaler ThreatLabz...

7.1AI score
Exploits0
hivepro
hivepro
added 2024/01/22 3:56 p.m.10 views

TA866 Makes a Comeback with Extensive Email Campaign

Summary: The threat actor identified as TA866 has returned after a hiatus of nine months, launching a new extensive phishing campaign aimed at distributing well-known malware families like WasabiSeed and Screenshotter. Threat Level - Red | Attack Report For a detailed threat advisory, download th...

7.2AI score
Exploits0
thn
thn
added 2024/01/12 1:53 p.m.88 views

Nation-State Actors Weaponize Ivanti VPN Zero-Days, Deploying 5 Malware Families

As many as five different malware families were deployed by suspected nation-state actors as part of post-exploitation activities leveraging two zero-day vulnerabilities in Ivanti Connect Secure ICS VPN appliances since early December 2023. "These families allow the threat actors to circumvent...

9.1CVSS9.2AI score0.99999EPSS
Exploits23
thn
thn
added 2023/12/13 12:2 p.m.42 views

How to Analyze Malware's Network Traffic in A Sandbox

Malware analysis encompasses a broad range of activities, including examining the malware's network traffic. To be effective at it, it's crucial to understand the common challenges and how to overcome them. Here are three prevalent issues you may encounter and the tools you'll need to address the...

6.8AI score
Exploits0
thn
thn
added 2023/11/20 2:50 p.m.43 views

DarkGate and PikaBot Malware Resurrect QakBot's Tactics in New Phishing Attacks

Phishing campaigns delivering malware families such as DarkGate and PikaBot are following the same tactics previously used in attacks leveraging the now-defunct QakBot trojan. "These include hijacked email threads as the initial infection, URLs with unique patterns that limit user access, and an...

7.5AI score
Exploits0
securelist
securelist
added 2023/11/06 10:0 a.m.36 views

Gaming-related cyberthreats in 2023: Minecrafters targeted the most

Introduction and trends The gaming industry continues growing. The Newzoo report for 2023 reveals that two in five — more than three billion — across the globe are gamers, which is 6.3 percent more than last year. Globally, gaming revenue amounts to an estimated US$242.39 billion, with almost hal...

6.4AI score
Exploits0
trellix
trellix
added 2023/10/09 12:0 a.m.24 views

Rhysida Ransomware

Rhysida Ransomware By Alexandre Mundo, Max Kersten, and Leandro Velasco · October 9, 2023 New ransomware victims are made every day by ransom gangs with a variety of ransomware malware families, one of which is the Rhysida ransomware family. Within this blog, an anonymised version of an attack by...

7.2AI score
Exploits0
Rows per page
Query Builder