13 matches found

The Hacker News
added 2024/05/21 1:07 p.m.

SolarMarker Malware Evolves to Resist Takedown Attempts with Multi-Tiered Infrastructure

The persistent threat actors behind the SolarMarker information-stealing malware have established a multi-tiered infrastructure to complicate law enforcement takedown efforts, new findings from Recorded Future show. "The core of SolarMarker's operations is its layered infrastructure, which consis...

The Hacker News
added 2024/03/29 12:12 p.m.

TheMoon Botnet Resurfaces, Exploiting EoL Devices to Power Criminal Proxy

A botnet previously considered to be rendered inert has been observed enslaving end-of-life (EoL) small home/small office (SOHO) routers and IoT devices to fuel a criminal proxy service called Faceless. "TheMoon, which emerged in 2014, has been operating quietly while growing to over 40,000 bots from...

Malwarebytes
added 2024/03/28 7:09 p.m.

Stopping a K-12 cyberattack (SolarMarker) with ThreatDown MDR

In early 2024, a large K-12 school district partnered with ThreatDown MDR to strengthen its cybersecurity posture. Shortly after onboarding, ThreatDown MDR analysts detected unusual patterns of activity subsequently identified as the work of SolarMarker, a sophisticated backdoor. It became eviden...

The Hacker News
added 2023/03/01 2:02 p.m.

Cybercriminals Targeting Law Firms with GootLoader and FakeUpdates Malware

Six different law firms were targeted in January and February 2023 as part of two disparate threat campaigns distributing the GootLoader and FakeUpdates (aka SocGholish) malware strains. GootLoader, active since late 2020, is a first-stage downloader that's capable of delivering a wide range of seconda...

Rapid7 Blog
added 2022/11/03 1:08 p.m.

Go Inside Rapid7 MDR: Timelines and Tick Tocks

They say by 2025, half of all businesses will turn to a managed detection and response (MDR) service. Breaches are called "inevitable" now. And even with a blank check, most companies couldn't hire their way to tight security: the expertise just isn't out there. In this new eBook you'll find real...

The Hacker News
added 2022/04/18 12:24 p.m.

New SolarMarker Malware Variant Using Updated Techniques to Stay Under the Radar

Cybersecurity researchers have disclosed an advanced version of the SolarMarker malware that packs in new improvements with the goal of updating its defense evasion abilities and staying under the radar. "The recent version demonstrated an evolution from Windows Portable Executable (EXE) files to...

The Hacker News
added 2022/02/01 1:30 p.m.

SolarMarker Malware Uses Novel Techniques to Persist on Hacked Systems

In a sign that threat actors continuously shift tactics and update their defensive measures, the operators of the SolarMarker information stealer and backdoor have been found leveraging stealthy Windows Registry tricks to establish long-term persistence on compromised systems. Cybersecurity firm...

Talos Blog
added 2021/08/06 10:50 a.m.

Talos Takes Ep: #63: Shield your eyes from the Solarmarker

By Jon Munshaw. The latest episode of Talos Takes is available now. Download this episode and subscribe to Talos Takes using the buttons below, or visit the Talos Takes page. Andrew Windsor has been following the Solarmarker threat for months. But it really started to catch his eye when he... Thi...

Malwarebytes
added 2021/08/02 11:29 a.m.

A week in security (July 26 – August 1)

Last week on Malwarebytes Labs: OSX.XLoader hides little except its main purpose: What we learned in the installation process. The Clubhouse database “breach” is likely a non-breach. Here’s why. Kaseya Unitrends has unpatched vulnerabilities that could help attackers expand a breach. UDP Technolo...

The Hacker News
added 2021/08/02 10:07 a.m.

Solarmarker InfoStealer Malware Once Again Making its Way Into the Wild

Healthcare and education sectors are the frequent targets of a new surge in credential harvesting activity from what's a "highly modular" .NET-based information stealer and keylogger, charting the course for the threat actor's continued evolution while simultaneously remaining under the radar...

Talos Blog
added 2021/07/29 10:05 a.m.

Threat Spotlight: Solarmarker

By Andrew Windsor, with contributions from Chris Neal. Executive summary: Cisco Talos has observed new activity from Solarmarker, a highly modular .NET-based information stealer and keylogger. A previous staging module, "d.m," used with this malware has been replaced by a new module dubbed... Thi...

ThreatPost
added 2021/06/15 5:05 p.m.

Malicious PDFs Flood the Web, Lead to Password-Snarfing

The pushers behind the SolarMarker backdoor malware are flooding the web with PDFs stuffed with keywords and links that redirect to the password-stealing, credential-snarfing malware. Microsoft Security Intelligence said in a Tweet on Friday that the SolarMarker (also known as Jupyter) makers are...

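The snippet above describes lure PDFs whose value to the attacker is the outbound links they carry. A cheap triage check for a suspected SEO-poisoned PDF is to enumerate its /URI link actions without rendering it and flag any that leave an allow-list of expected domains. The script below is an added example, not code from the page, from ThreatPost or from Microsoft; the embedded PDF is constructed for the demonstration (it is not a real SolarMarker sample), and the allow-list domain `example.org` and the helper names `extract_uris` and `flag_offsite` are assumptions of this example.

```python
"""Triage check for link-stuffed PDF lures: list the /URI actions a PDF carries
and flag those that point outside an allow-list of domains.
Added example; not code from the page or from any vendor cited on it."""
import re
from urllib.parse import urlparse

# Constructed sample PDF (not a real lure): three /Link annotations, two of
# which point off-site. Object bodies are minimal but syntactically PDF-like.
SAMPLE_PDF = b"""%PDF-1.4
1 0 obj << /Type /Catalog /Pages 2 0 R >> endobj
2 0 obj << /Type /Pages /Kids [3 0 R] /Count 1 >> endobj
3 0 obj << /Type /Page /Parent 2 0 R /Annots [4 0 R 5 0 R 6 0 R] >> endobj
4 0 obj << /Type /Annot /Subtype /Link /A << /S /URI /URI (https://intranet.example.org/forms/template.pdf) >> >> endobj
5 0 obj << /Type /Annot /Subtype /Link /A << /S /URI /URI (https://sites.google.com/view/free-template-download) >> >> endobj
6 0 obj << /Type /Annot /Subtype /Link /A << /S /URI /URI (http://cdn-files.example.net/go?dl=1) >> >> endobj
trailer << /Root 1 0 R >>
%%EOF
"""

# /URI (literal string): allow backslash-escaped characters inside the parens.
_URI_LITERAL = re.compile(rb"/URI\s*\(((?:\\.|[^\\)])*)\)")
# /URI <hex string>: the other string form the PDF syntax permits.
_URI_HEX = re.compile(rb"/URI\s*<([0-9A-Fa-f\s]+)>")


def extract_uris(pdf_bytes: bytes) -> list:
    """Return every URI found in /URI actions, literal strings first, then hex strings."""
    uris = []
    for m in _URI_LITERAL.finditer(pdf_bytes):
        raw = m.group(1)
        raw = raw.replace(b"\\(", b"(").replace(b"\\)", b")").replace(b"\\\\", b"\\")
        uris.append(raw.decode("latin-1"))
    for m in _URI_HEX.finditer(pdf_bytes):
        hexstr = re.sub(rb"\s", b"", m.group(1))
        if len(hexstr) % 2:           # PDF pads an odd trailing nibble with 0
            hexstr += b"0"
        uris.append(bytes.fromhex(hexstr.decode("ascii")).decode("latin-1"))
    return uris


def flag_offsite(uris, allowed_domains) -> list:
    """Return the URIs whose host is not one of, or a subdomain of, the allowed domains."""
    flagged = []
    for u in uris:
        host = (urlparse(u).hostname or "").lower()
        ok = any(host == d or host.endswith("." + d) for d in allowed_domains)
        if not ok:
            flagged.append(u)
    return flagged


if __name__ == "__main__":
    found = extract_uris(SAMPLE_PDF)
    for u in found:
        print("link:", u)
    for u in flag_offsite(found, ["example.org"]):
        print("OFF-SITE:", u)
```

Run it against any PDF you already consider suspicious; a lure built for search-engine traffic will typically show a handful of off-site links, often on hosting a victim would not expect for the document's stated purpose. The check reads raw bytes and does not decompress object streams, so a PDF that stores its annotations inside a compressed stream needs to be inflated first; absence of a hit is therefore not evidence the file is clean.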
ThreatPost
added 2021/04/14 2:48 p.m.

100,000 Google Sites Used to Install SolarMarker RAT

Hackers are using search-engine optimization (SEO) tactics to lure business users to more than 100,000 malicious Google sites that seem legitimate, but instead install a remote access trojan (RAT), used to gain a foothold on a network and later infect systems with ransomware, credential-stealers,...
