Tag: 2024-05-05
19 attack reports | 32 vulnerabilities
Attack reports
Published: May 10, 2024
Number of indicators: 13
This analysis reveals that malicious groups have been exploiting popular YouTube channels, including some with over 800,000 subsc…
Published: May 10, 2024
Number of indicators: 12
The report details an ongoing malware campaign targeting South Korean users, which disguises malicious payloads as cracked versio…
Published: May 10, 2024
Number of indicators: 23
Juniper Threat Labs has observed attempts to exploit Ivanti Pulse Secure authentication bypass and remote code execution vulnerab…
Published: May 10, 2024
Number of indicators: 24
This analysis delves into the activities of a group of malware operators known as Cerberus (formerly Amnesia) Team, who specializ…
Published: May 10, 2024
Number of indicators: 118
Scattered Spider, a financially motivated threat actor group, has been conducting aggressive phishing campaigns targeting various…
Published: May 10, 2024
Number of indicators: 4
This analysis discusses the emergence of a new macOS malware family called 'Cuckoo Stealer', which acts as an infostealer and spy…
Published: May 9, 2024
Number of indicators: 34
This comprehensive analysis provides a thorough examination of the REMCOS Remote Access Trojan (RAT), a prominent malware threat …
Published: May 9, 2024
Number of indicators: 6
A recent surge of malicious JavaScript code has been observed targeting websites using vulnerable versions of the LiteSpeed Cache…
Published: May 9, 2024
Number of indicators: 13
This intelligence report details a sophisticated infection chain that culminates in the deployment of AsyncRAT, a potent malware …
Published: May 8, 2024
Number of indicators: 74
The CERT Polska team is investigating a large-scale malware campaign carried out by the Russian intelligence group APT28, which h…
Published: May 8, 2024
Number of indicators: 6
Amid the rise of bootkits at the time, a dropper was captured in the wild and posted on a malware tracker. The malware was called…
Published: May 8, 2024
Number of indicators: 76
This report details the analysis of a malspam campaign utilizing the Matanbuchus loader, which involved decrypting strings within…
Published: May 8, 2024
Number of indicators: 23
This report details the operation of the zEus stealer malware, which is distributed through a crafted Minecraft source pack. The …
Published: May 8, 2024
Number of indicators: 8
This report examines a malware strain distributed to web servers in South Korea that redirects users to an illegal gambling site.…
Published: May 8, 2024
Number of indicators: 4
Security researchers have discovered a campaign distributing RemcosRAT through a sophisticated infection chain involving steganog…
Published: May 7, 2024
Number of indicators: 11
HijackLoader, also known as IDAT Loader, is a modular malware loader capable of executing multiple payloads. It utilizes a variet…
Published: May 7, 2024
Number of indicators: 4
This analysis delves into the continuous distribution of malicious shortcut files (*.LNK) targeting South Korean users, particula…
Published: May 6, 2024
Number of indicators: 3
CYFIRMA researchers identified an Android malware campaign, active for over a year, targeting Indian defense personnel by an unid…