| Title |
Published |
Tags |
Description |
Number of indicators |
| Threat Actors Hack YouTube Channels to Distribute Infostealers |
May 10, 2024, 1:47 p.m. |
|
This analysis reveals that malicious groups have been exploiting popular YouTube channels, including some with over 800,000 subsc… |
13 |
| Malware (XMRig, OrcusRAT, etc.) disguised as MS Office crack |
May 10, 2024, 1:45 p.m. |
|
The report details an ongoing malware campaign targeting South Korean users, which disguises malicious payloads as cracked versio… |
12 |
| Protecting Networks from Opportunistic Ivanti Pulse Secure Vulnerability Exploitation |
May 10, 2024, 9:06 a.m. |
|
Juniper Threat Labs has observed attempts to exploit Ivanti Pulse Secure authentication bypass and remote code execution vulnerab… |
23 |
| Profiling Trafficers: Cerberus |
May 10, 2024, 9:02 a.m. |
|
This analysis delves into the activities of a group of malware operators known as Cerberus (formerly Amnesia) Team, who specializ… |
24 |
| New Campaigns from Scattered Spider |
May 10, 2024, 8:33 a.m. |
|
Scattered Spider, a financially motivated threat actor group, has been conducting aggressive phishing campaigns targeting various… |
118 |
| macOS Cuckoo Stealer | Ensuring Detection and Defense as New Samples Rapidly Emerge |
May 10, 2024, 8:31 a.m. |
|
This analysis discusses the emergence of a new macOS malware family called 'Cuckoo Stealer', which acts as an infostealer and spy… |
4 |
| Dissecting REMCOS RAT: An in-depth analysis of a widespread 2024 malware, Part Four |
May 9, 2024, 3:14 p.m. |
|
This comprehensive analysis provides a thorough examination of the REMCOS Remote Access Trojan (RAT), a prominent malware threat … |
34 |
| Surge of JavaScript Malware in sites with vulnerable versions of LiteSpeed Cache Plugin |
May 9, 2024, 3:08 p.m. |
|
A recent surge of malicious JavaScript code has been observed targeting websites using vulnerable versions of the LiteSpeed Cache… |
6 |
| Tracking the Surge in Non-PE Cyber Threats |
May 9, 2024, 3:04 p.m. |
|
This intelligence report details a sophisticated infection chain that culminates in the deployment of AsyncRAT, a potent malware … |
13 |
| APT28 campaign against Polish government institutions |
May 8, 2024, 3:37 p.m. |
|
The CERT Polska team is investigating a large-scale malware campaign carried out by the Russian intelligence group APT28, which h… |
74 |
| Guntior - the story of an advanced bootkit that doesn't rely on Windows disk drivers |
May 8, 2024, 1:32 p.m. |
|
Amid the rise of bootkits at the time, a dropper was captured in-the-wild and posted on a malware tracker. The malware was called… |
6 |
| Code Emulation and Cybercrime Infrastructure Discovery |
May 8, 2024, 11:18 a.m. |
|
This report details the analysis of a malspam campaign utilizing the Matanbuchus loader, which involved decrypting strings within… |
76 |
| Stealer Distributed via Crafted Minecraft Source Pack |
May 8, 2024, 11:09 a.m. |
|
This report details the operation of the zEus stealer malware, which is distributed through a crafted Minecraft source pack. The … |
23 |
| Case of Malware Distribution Linking to Illegal Gambling Website Targeting Korean Web Server |
May 8, 2024, 11:05 a.m. |
|
This report examines a malware strain distributed to web servers in South Korea that redirects users to an illegal gambling site.… |
8 |
| RemcosRAT Distributed Using Steganography |
May 8, 2024, 11:03 a.m. |
|
Security researchers have discovered a campaign distributing RemcosRAT through a sophisticated infection chain involving steganog… |
4 |
| HijackLoader Updates |
May 7, 2024, 8:36 a.m. |
|
HijackLoader, also known as IDAT Loader, is a modular malware loader capable of executing multiple payloads. It utilizes a variet… |
11 |
| LNK File Disguised as Certificate Distributing RokRAT Malware |
May 7, 2024, 8:32 a.m. |
|
This analysis delves into the continuous distribution of malicious shortcut files (*.LNK) targeting South Korean users, particula… |
4 |
| New Pakistan-based Cyber Espionage Group’s Year-Long Campaign Targeting Indian Defense Forces with Android Malware |
May 6, 2024, 8:47 a.m. |
|
CYFIRMA researchers identified an Android malware campaign, active for over a year, targeting Indian defense personnel by an unid… |
3 |
| Smart-sex-toy users targeted by clicker trojan |
May 6, 2024, 8:45 a.m. |
|
Virus analysts at Doctor Web uncovered an Android application containing a clicker trojan that silently opens advertising sites a… |
13 |
Tenda i21