Lucene search
K

7 matches found

The Hacker News
The Hacker News
added 2026/01/13 9:8 a.m.14 views

New Malware Campaign Delivers Remcos RAT Through Multi-Stage Windows Attack

Cybersecurity researchers have disclosed details of a new campaign dubbed SHADOWREACTOR that employs an evasive multi-stage attack chain to deliver a commercially available remote administration tool called Remcos RAT and establish persistent, covert remote access. "The infection chain follows a...

6.9AI score
Exploits0
Talos Blog
Talos Blog
added 2025/03/28 10:0 a.m.12 views

Gamaredon campaign abuses LNK files to distribute Remcos backdoor

Cisco Talos is actively tracking an ongoing campaign targeting users in Ukraine with malicious LNK files, which run a PowerShell downloader, since at least November 2024. The file names use Russian words related to the movement of troops in Ukraine as a lure. The PowerShell downloader contacts...

8AI score
Exploits0
The Hacker News
The Hacker News
added 2023/06/02 12:3 p.m.51 views

New Botnet Malware 'Horabot' Targets Spanish-Speaking Users in Latin America

Spanish-speaking users in Latin America have been at the receiving end of a new botnet malware dubbed Horabot since at least November 2020. "Horabot enables the threat actor to control the victim's Outlook mailbox, exfiltrate contacts' email addresses, and send phishing emails with malicious HTML...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/04/06 9:37 p.m.18 views

A deep dive into Saint Bot, a new downloader

This post was authored by Hasherezade with contributions from Hossein Jazi and Erika Noerenberg In late March 2021, Malwarebytes analysts discovered a phishing email with an attached zip file containing unfamiliar malware. Contained within the zip file was a PowerShell script masquerading as a li...

8.4AI score
Exploits0
Talos Blog
Talos Blog
added 2019/01/18 3:13 p.m.209 views

Threat Roundup for Jan. 11 to Jan. 18

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Jan. 11 and Jan. 18. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics...

7.2AI score
Exploits0
ThreatPost
ThreatPost
added 2018/10/24 4:32 p.m.559 views

sLoad Banking Trojan Downloader Displays Sophisticated Recon and Targeting

A new PowerShell downloader dubbed sLoad is making the rounds, sporting impressive reconnaissance tactics and a penchant for geofencing, which indicate increasing sophistication when it comes to targeting efforts. First spotted in May 2018, sLoad typically delivers the Ramnit banking trojan but h...

0.3AI score
Exploits0References1
Check Point Advisories
Check Point Advisories
added 2018/06/14 12:0 a.m.0 views

Suspicious Powershell Downloader

Many campaigns are known to use Powershell downloaders. A remote attacker could convince users to manually trigger their execution. This would allow the malicious code to run and infect the target system...

5.6AI score
Exploits0
Rows per page
Query Builder