Lucene search
K

64 matches found

The Hacker News
The Hacker News
added 2024/09/27 11:11 a.m.16 views

Microsoft Identifies Storm-0501 as Major Threat in Hybrid Cloud Ransomware Attacks

The threat actor known as Storm-0501 has targeted government, manufacturing, transportation, and law enforcement sectors in the U.S. to stage ransomware attacks. The multi-stage attack campaign is designed to compromise hybrid cloud environments and perform lateral movement from on-premises to...

8.4AI score
Exploits0
The Hacker News
The Hacker News
added 2024/08/16 11:40 a.m.60 views

Multi-Stage ValleyRAT Targets Chinese Users with Advanced Tactics

Chinese-speaking users are the target of an ongoing campaign that distributes a malware known as ValleyRAT. "ValleyRAT is a multi-stage malware that utilizes diverse techniques to monitor and control its victims and deploy arbitrary plugins to cause further damage," Fortinet FortiGuard Labs...

9.3CVSS8.5AI score0.99933EPSS
Exploits29
HackRead
HackRead
added 2024/08/15 5:24 p.m.17 views

New ValleyRAT Malware Targets Chinese Windows Users in Multi-Stage Attack

A sophisticated ValleyRAT campaign is targeting Chinese Windows users. Learn about the malwares multi-stage attack, its ability to…...

7.3AI score
Exploits0
hivepro
hivepro
added 2024/03/21 6:54 a.m.21 views

The Evolution of DEEP#GOSU Attack Campaign by Kimsuky Group

Summary: A sophisticated multi-stage attack campaign linked to the North Korean Kimsuky group, dubbed DEEPGOSU. Using PowerShell and VBScript, the attackers leverage remote access trojan RAT software for full control over infected hosts, while employing legitimate services like Dropbox for comman...

7.4AI score
Exploits0
hivepro
hivepro
added 2023/12/13 1:15 p.m.18 views

Adversaries Leverage Social Media to Disseminate New Python-Based Stealer

Summary: A recently identified malicious campaign involves the use of WinRAR archive files with minimal detection to execute a multi-stage attack. The payload, known as Editbot, is a newly discovered Python-based stealer. Editbot is specifically designed to extract process information and data...

7AI score
Exploits0
HackRead
HackRead
added 2023/08/09 4:43 p.m.15 views

Rust-Based Injector Deploys XWorm and Remcos RAT in Multi-Stage Attack

By Waqas FortiGuard Labs Reveals Insights into Recent Surge of Cyberattacks Utilizing Rust Programming Language. This is a post from HackRead.com Read the original post: Rust-Based Injector Deploys XWorm and Remcos RAT in Multi-Stage Attack...

6.9AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2023/06/08 4:0 p.m.28 views

Detecting and mitigating a multi-stage AiTM phishing and BEC campaign

Microsoft Defender Experts uncovered a multi-stage adversary-in-the-middle AiTM phishing and business email compromise BEC attack against banking and financial services organizations. The attack originated from a compromised trusted vendor and transitioned into a series of AiTM attacks and...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2023/05/23 11:11 a.m.88 views

New WinTapix.sys Malware Engages in Multi-Stage Attack Across Middle East

An unknown threat actor has been observed leveraging a malicious Windows kernel driver in attacks likely targeting the Middle East since at least May 2020. Fortinet Fortiguard Labs, which dubbed the artifact WINTAPIX WinTapix.sys, attributed the malware with low confidence to an Iranian threat...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2023/04/19 3:15 p.m.30 views

Blind Eagle Cyber Espionage Group Strikes Again: New Attack Chain Uncovered

The cyber espionage actor tracked as Blind Eagle has been linked to a new multi-stage attack chain that leads to the deployment of the NjRAT remote access trojan on compromised systems. "The group is known for using a variety of sophisticated attack techniques, including custom malware, social...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2023/04/19 3:15 p.m.2 views

Blind Eagle Cyber Espionage Group Strikes Again: New Attack Chain Uncovered

The cyber espionage actor tracked as Blind Eagle has been linked to a new multi-stage attack chain that leads to the deployment of the NjRAT remote access trojan on compromised systems. "The group is known for using a variety of sophisticated attack techniques, including custom malware, social...

7.2AI score
Exploits0
hivepro
hivepro
added 2023/04/04 8:0 a.m.5 views

Actors, Threats and Vulnerabilities 27 March to 2 April 2023

For a detailed threat digest, download the pdf file here Summary For a detailed threat digest, download the pdf file here HiveForce Labs recently made several significant discoveries related to cybersecurity threats. Over the past week, they identified a total of Nine attacks that were executed...

6.6AI score
Exploits0
The Hacker News
The Hacker News
added 2023/02/15 1:33 p.m.28 views

Financially Motivated Threat Actor Strikes with New Ransomware and Clipper Malware

A new financially motivated campaign that commenced in December 2022 has seen the unidentified threat actor behind it deploying a novel ransomware strain dubbed MortalKombat and a clipper malware known as Laplas. Cisco Talos said it "observed the actor scanning the internet for victim machines wi...

0.7AI score
Exploits0
Talos Blog
Talos Blog
added 2023/02/14 1:0 p.m.37 views

New MortalKombat ransomware and Laplas Clipper malware threats deployed in financially motivated campaign

Since December 2022, Cisco Talos has been observing an unidentified actor deploying two relatively new threats, the recently discovered MortalKombat ransomware and a GO variant of the Laplas Clipper malware, to steal cryptocurrency from victims. Talos observed the actor scanning the internet for...

1.1AI score
Exploits0
ThreatPost
ThreatPost
added 2022/06/30 5:20 p.m.102 views

ZuoRAT Can Take Over Widely Used SOHO Routers

A novel multistage remote access trojan RAT that’s been active since April 2020 is exploiting known vulnerabilities to target popular SOHO routers from Cisco Systems, Netgear, Asus and others. The malware, dubbed ZuoRAT, can access the local LAN, capture packets being transmitted on the device an...

10CVSS9.1AI score0.42479EPSS
Exploits4References8
The Hacker News
The Hacker News
added 2021/06/22 10:2 a.m.63 views

Wormable DarkRadiation Ransomware Targets Linux and Docker Instances

Cybersecurity researchers are sounding the alarm bell over a new ransomware strain called "DarkRadiation" that's implemented entirely in Bash and targets Linux and Docker cloud containers, while banking on messaging service Telegram for command-and-control C2 communications. "The ransomware is...

1.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/06/17 5:30 p.m.24 views

Multi-stage APT attack drops Cobalt Strike using Malleable C2 feature

This blog post was authored by Hossein Jazi and Jérôme Segura On June 10, we found a malicious Word document disguised as a resume that uses template injection to drop a .Net Loader. This is the first part of a multi-stage attack that we believe is associated to an APT attack. In the last stage,...

8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/06/04 3:0 p.m.109 views

New LNK attack tied to Higaisa APT discovered

This post was authored by Hossein Jazi and Jérôme Segura On May 29th, we identified an attack that we believe is part of a new campaign from an Advanced Persistent Threat actor known as Higaisa. The Higaisa APT is believed to be tied to the Korean peninsula, and was first disclosed by Tencent...

Exploits0
ThreatPost
ThreatPost
added 2019/11/14 11:0 a.m.101 views

Innovative PureLocker Ransomware Emerges in Targeted Attacks

The PureLocker ransomware – so-called because it’s written in the PureBasic programming language – has been spotted being used in targeted attacks against both Windows and Linux-based production servers at enterprises. Researchers said it shows unusual characteristics that underscore the innovati...

0.2AI score
Exploits0References5
The Hacker News
The Hacker News
added 2019/07/09 8:17 a.m.98 views

Watch Out! Microsoft Spotted Spike in Astaroth Fileless Malware Attacks

Security researchers at Microsoft have released details of a new widespread campaign distributing an infamous piece of fileless malware that was primarily being found targeting European and Brazilian users earlier this year. Dubbed Astaroth, the malware trojan has been making the rounds since at...

0.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2017/10/13 3:0 p.m.4471 views

Decoy Microsoft Word document delivers malware through a RAT

In this post, we take a look at a Microsoft Word document which itself is somewhat clean, but is used to launch a multi-stage attack that relies on the hyperlink feature in the OpenXML format. This then loads another document that contains an exploit. Most malicious Microsoft Office documents...

9.3CVSS0.1AI score0.99933EPSS
Exploits40
Rows per page
Query Builder