New Malware Campaign Uses Cloudflare Tunnels to Deliver RATs via Phishing Chains

A new campaign is making use of Cloudflare Tunnel subdomains to host malicious payloads and deliver them via malicious attachments embedded in phishing emails. The ongoing campaign has been codenamed SERPENTINECLOUD by Securonix. It leverages "the Cloudflare Tunnel infrastructure and Python-based...

New banking trojan “CarnavalHeist” targets Brazil with overlay attacks

Since February 2024, Cisco Talos has been observing an active campaign targeting Brazilian users with a new banking trojan called "CarnavalHeist." Many of the observed tactics, techniques and procedures TTPs are common among other banking trojans coming out of Brazil. This family has also been...

MULTI#STORM Campaign Sets Sights on India and U.S. with RAT

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The MULTISTORM phishing campaign employs JavaScript files to disseminate RATs throughout compromised systems. This intricate attack utilizes a multi-stage procedure that commences when the victim engages...