Tag: 2024-12-23

Cloud Atlas, a threat group active since 2014, has introduced a new backdoor called VBCloud in its latest campaign targeting Eastern Europe and Central Asia. The attack chain begins with phishing emails containing malicious documents exploiting CVE-2018-0802. The infection process involves download…

An investigation of a file named 'Albertsons_payment.GZ' revealed a sophisticated malware delivery chain. The file, initially disguised as an image, was actually a Windows Cabinet file containing an obfuscated batch script. This script employed string slicing techniques to reconstruct commands and …