Tag: 2024-08-14
3 attack reports | 141 vulnerabilities
Attack reports
EastWind campaign: new CloudSorcerer attacks on government organizations in Russia
Kaspersky detected an ongoing targeted cyberattack campaign, dubbed EastWind, targeting Russian government organizations and IT companies. The attackers employed phishing emails with malicious shortcuts to deliver malware that communicated via Dropbox. They utilized tools associated with APT31 and …
Downloadable IOCs 5
Rivers of Phish: Sophisticated Phishing Targets Russia's Perceived Enemies Around the Globe
An extensive investigation uncovered an elaborate phishing campaign conducted by a Russia-based threat actor known as COLDRIVER, attributed to Russia's Federal Security Service. The campaign employed personalized social engineering tactics to target civil society groups, NGOs, journalists, and gove…
Downloadable IOCs 28
Multiple Malware Dropped Through MSI Package
An analysis reveals the distribution of malware through an MSI package, specifically SectopRat and Redline stealer. The malware employs techniques like executing malicious scripts, disabling security measures, and establishing persistence through scheduled tasks. It communicates with command-and-co…
Downloadable IOCs 11