| Title |
Published |
Tags |
Description |
Number of indicators |
| Ebury is alive but unseen: 400k Linux servers compromised for cryptotheft and financial gain |
May 15, 2024, 4 p.m. |
|
The Ebury malware gang is continuing to expand, with hundreds of thousands of servers compromised and used to steal cryptocurrenc… |
141 |
| The Overlapping Cyber Strategies Of Transparent Tribe And SideCopy Against India |
May 15, 2024, 3:16 p.m. |
|
CRIL's analysis revealed SideCopy APT group's sophisticated malware campaign, employing malicious LNK files and a complex infecti… |
21 |
| Ongoing Malvertising Campaign leads to Ransomware |
May 15, 2024, 3:14 p.m. |
|
Rapid7 detected an ongoing malware distribution campaign involving trojanized installers of WinSCP and PuTTY, delivered via malic… |
78 |
| Mallox ranomware affiliate leverages PureCrypter in MS-SQL exploitation campaigns |
May 14, 2024, 6:03 p.m. |
|
A team from security firm Sekoia has observed a series of attacks targeting vulnerable assets, including MS-SQL, and Mallox ranso… |
10 |
| PDF “Flawed Design” Exploitation |
May 14, 2024, 3:30 p.m. |
|
Check Point Research identified an unusual pattern involving PDF exploitation, mainly targeting users of Foxit Reader. This explo… |
40 |
| Exploring the Depths of Multi-tiered Infrastructure |
May 14, 2024, 1:06 p.m. |
|
This report provides an in-depth analysis of SolarMarker, a highly persistent and evolving malware family. It delves into the mal… |
45 |
| Distribution of DanaBot Malware via Word Files Detected |
May 14, 2024, 8:16 a.m. |
|
This analysis examines the infection process of the DanaBot malware, distributed through sophisticated spam emails containing mal… |
0 |
| Leveraging DNS Tunneling for Tracking and Scanning |
May 13, 2024, 7:12 p.m. |
|
This article presents a case study on new applications of domain name system (DNS) tunneling PaloAlto Unit42 have found in the wi… |
63 |
| Security Brief: Millions of Messages Distribute LockBit Black Ransomware |
May 13, 2024, 6:27 p.m. |
|
In late April 2024, Proofpoint observed high-volume email campaigns facilitated by the Phorpiex botnet, distributing millions of … |
16 |
| GoTo Meeting loads RAT via Shellcode Loader |
May 13, 2024, 9:47 a.m. |
|
A malicious campaign has been discovered that exploits the legitimate GoTo Meeting online conferencing software to deploy the Rem… |
17 |
| Romance Scams Urging Investment |
May 13, 2024, 9:38 a.m. |
|
The report details an investigation into romance scams that exploit emotional connections to solicit money under the guise of cry… |
3 |
| StopRansomware: Black Basta |
May 13, 2024, 9:31 a.m. |
|
This advisory details tactics, techniques, procedures and indicators of compromise related to Black Basta ransomware, a variant f… |
174 |
| Threat Actors Hack YouTube Channels to Distribute Infostealers |
May 10, 2024, 1:47 p.m. |
|
This analysis reveals that malicious groups have been exploiting popular YouTube channels, including some with over 800,000 subsc… |
13 |
| Malware (XMRig, OrcusRAT, etc.) disguised as MS Office crack |
May 10, 2024, 1:45 p.m. |
|
The report details an ongoing malware campaign targeting South Korean users, which disguises malicious payloads as cracked versio… |
12 |
| Protecting Networks from Opportunistic Ivanti Pulse Secure Vulnerability Exploitation |
May 10, 2024, 9:06 a.m. |
|
Juniper Threat Labs has observed attempts to exploit Ivanti Pulse Secure authentication bypass and remote code execution vulnerab… |
23 |
| Profiling Trafficers: Cerberus |
May 10, 2024, 9:02 a.m. |
|
This analysis delves into the activities of a group of malware operators known as Cerberus (formerly Amnesia) Team, who specializ… |
24 |
| New Campaigns from Scattered Spider |
May 10, 2024, 8:33 a.m. |
|
Scattered Spider, a financially motivated threat actor group, has been conducting aggressive phishing campaigns targeting various… |
118 |
| macOS Cuckoo Stealer | Ensuring Detection and Defense as New Samples Rapidly Emerge |
May 10, 2024, 8:31 a.m. |
|
This analysis discusses the emergence of a new macOS malware family called 'Cuckoo Stealer', which acts as an infostealer and spy… |
4 |