Today > 2 Critical | 5 High | 22 Medium | 5 Low vulnerabilities - You can now download lists of IOCs here!
7 attack reports | 0 vulnerabilities
Trend Micro research shows how attackers use platforms like YouTube to spread fake installers via trusted hosting services, employing encryption to evade detection and steal sensitive browser data.
Russian nation-state actor Secret Blizzard has been observed using tools and infrastructure from other threat actors to compromise targets in Ukraine. Between March and April 2024, Secret Blizzard utilized the Amadey bot malware associated with cybercriminal activity to deploy its custom Tavdig and…
A malicious botnet called Socks5Systemz is operating a proxy service named PROXY.AM, utilizing over 85,000 compromised devices. The botnet, active since 2013, aims to turn infected systems into proxy exit nodes for cybercriminals seeking to obscure their attack sources. Initially boasting around 25…
An adware campaign targets online users by presenting them with fake CAPTCHA or update prompts, tricking them into running malicious PowerShell commands that deploy credential-stealing malware like Lumma and Amadey. The attackers leverage ad networks to redirect victims to compromised sites hosting…
Zharkbot is a C++ downloader with extensive anti-analysis and anti-sandbox features. It uses in-line string encryption and API calls, making static and emulation analysis challenging. The malware performs sandbox detection by checking for specific usernames and hypervisors. It installs itself in th…
A threat actor dubbed Unfurling Hemlock has been observed distributing hundreds of thousands of malware samples in a campaign lasting several months. The malware is distributed using a 'cluster bomb' technique where each sample contains multiple stages of nested executable files, each containing ad…
HijackLoader, also known as IDAT Loader, is a modular malware loader capable of executing multiple payloads. It utilizes a variety of modules for code injection, execution, and evasion techniques. This report analyzes the updated version of HijackLoader, which includes new modules for bypassing Win…