Lucene search
K

10 matches found

Positive Technologies
Positive Technologies
added 2025/12/08 12:0 a.m.6 views

PT-2025-49562

ParsedReport ChatGPT Translated Autotext: TI Report Analyser + ChatGPT + Auto Translate ------ В статье подробно описывается методология команды Sekoia по обнаружению угроз и исследованию для автоматизации извлечения конфигурации вредоносного ПО, уделяя особое внимание вредоносному ПО, написанном...

8.8CVSS7AI score0.99999EPSS
Exploits7References1
HackRead
HackRead
added 2024/11/20 11:55 a.m.10 views

Linux Variant of Helldown Ransomware Targets VMware ESX Servers

Cybersecurity firm Sekoia has discovered a new variant of Helldown ransomware. The article details their tactics and how…...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2024/10/18 9:43 a.m.24 views

Beware: Fake Google Meet Pages Deliver Infostealers in Ongoing ClickFix Campaign

Threat actors are leveraging fake Google Meet web pages as part of an ongoing malware campaign dubbed ClickFix to deliver infostealers targeting Windows and macOS systems. "This tactic involves displaying fake error messages in web browsers to deceive users into copying and executing a given...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2024/10/09 4:22 a.m.17 views

Microsoft Detects Growing Use of File Hosting Services in Business Email Compromise Attacks

Microsoft is warning of cyber attack campaigns that abuse legitimate file hosting services such as SharePoint, OneDrive, and Dropbox that are widely used in enterprise environments as a defense evasion tactic. The end goal of the campaigns are broad and varied, allowing threat actors to compromis...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/26 10:43 a.m.11 views

Watering Hole Attack on Kurdish Sites Distributing Malicious APKs and Spyware

As many as 25 websites linked to the Kurdish minority have been compromised as part of a watering hole attack designed to harvest sensitive information for over a year and a half. French cybersecurity firm Sekoia, which disclosed details of the campaign dubbed SilentSelfie, described the intrusio...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/07/27 6:9 a.m.26 views

French Authorities Launch Operation to Remove PlugX Malware from Infected Systems

French judicial authorities, in collaboration with Europol, have launched a so-called "disinfection operation" to rid compromised hosts of a known malware called PlugX. The Paris Prosecutor's Office, Parquet de Paris, said the initiative was launched on July 18 and that it's expected to continue...

8AI score
Exploits0
The Hacker News
The Hacker News
added 2023/08/02 2:12 p.m.52 views

Russian Cyber Adversary BlueCharlie Alters Infrastructure in Response to Disclosures

A Russia-nexus adversary has been linked to 94 new domains starting March 2023, suggesting that the group is actively modifying its infrastructure in response to public disclosures about its activities. Cybersecurity firm Recorded Future linked the revamped infrastructure to a threat actor it...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2023/06/29 4:1 p.m.34 views

From MuddyC3 to PhonyC2: Iran's MuddyWater Evolves with a New Cyber Weapon

The Iranian state-sponsored group dubbed MuddyWater has been attributed to a previously unseen command-and-control C2 framework called PhonyC2 that's been put to use by the actor since 2021. Evidence shows that the custom made, actively developed framework has been leveraged in the February 2023...

7.7AI score
Exploits0
The Hacker News
The Hacker News
added 2023/02/21 10:35 a.m.42 views

Researchers Discover Numerous Samples of Information Stealer 'Stealc' in the Wild

A new information stealer called Stealc that's being advertised on the dark web could emerge as a worthy competitor to other malware of its ilk. "The threat actor presents Stealc as a fully featured and ready-to-use stealer, whose development relied on Vidar, Raccoon, Mars, and RedLine stealers,"...

Exploits0
The Hacker News
The Hacker News
added 2022/12/26 12:12 p.m.24 views

PrivateLoader PPI Service Found Distributing Info-Stealing RisePro Malware

The pay-per-install PPI malware downloader service known as PrivateLoader is being used to distribute a previously documented information-stealing malware dubbed RisePro. Flashpoint spotted the newly identified stealer on December 13, 2022, after it discovered "several sets of logs" exfiltrated...

Exploits0
Rows per page
Query Builder