Tag: anydesk
3 attack reports | 0 vulnerabilities
Attack reports
Understanding the Initial Stages of Web Shell and VPN Threats: An MXDR Analysis
This analysis examines two cybersecurity incidents: a web shell attack and a VPN compromise. The web shell attack involved uploading malicious files to a server, executing commands, creating a local admin account, and attempting to establish persistence. The VPN compromise led to lateral movement, …
Downloadable IOCs 1
Threat actor targeting UK banks in ongoing AnyDesk social engineering campaign
Threat analysts are tracking an ongoing campaign that employs fake websites and social engineering tactics to distribute a malicious version of the AnyDesk remote access software to Windows and macOS users. Once installed on a victim's machine, it is being utilized to steal data and money. The camp…
Downloadable IOCs 50
From IcedID to Dagon Locker Ransomware in 29 Days
This intrusion started in August 2023 with a phishing campaign that distributed IcedID malware. The phishing operation utilized the Prometheus Traffic Direction System (TDS) to deliver the malware, and victims were directed to a fraudulent website mimicking an Azure download portal.
Downloadable IOCs 33