Tag: 2024-07-03

This report provides an in-depth analysis of the evolution of SmokeLoader, a prominent malware downloader that has been active since 2011. It examines the significant changes and improvements introduced in SmokeLoader versions from 2015 to 2022, including updates to its communication protocol, encr…

A remote code execution vulnerability (CVE-2024-23692) in the HFS (HTTP File Server) program has allowed attackers to execute malicious commands on vulnerable systems. Various attack cases exploiting this vulnerability have been observed, leading to the installation of malware such as coin miners, …

A cybersecurity firm has encountered a new ransomware organization, dubbed Volcano Demon, responsible for recent attacks involving an encryptor called LukaLocker. The malware encrypts victims' files with the .nba extension and was successful in compromising Windows workstations and servers after ha…