| Title | Published | Tags | Description | Number of indicators |
| --- | --- | --- | --- | --- |
| Exploiting CVE-2024-21412: A Stealer Campaign Unleashed | July 24, 2024, 8:02 a.m. | | This report details a malicious campaign exploiting the CVE-2024-21412 vulnerability in Microsoft Windows SmartScreen to bypass s… | 27 |
| MoonWalk | July 12, 2024, 4:11 p.m. | | This blog post examines MoonWalk, a new backdoor employed by APT41, a China-based threat actor known for campaigns in Southeast A… | 3 |
| DodgeBox: A deep dive into the updated arsenal of APT41 | July 11, 2024, 12:05 p.m. | | This blog post provides an in-depth technical analysis of a newly discovered malware loader called DodgeBox, which is attributed … | 1 |
| Turla: A Master of Deception | July 8, 2024, 10:45 a.m. | | This report details a recent campaign by the Turla threat group involving malicious LNK files that deliver a fileless backdoor. T… | 10 |
| Dissecting GootLoader With Node.js | July 4, 2024, 10:30 a.m. | | This article demonstrates how to circumvent anti-analysis techniques employed by GootLoader malware while utilizing Node.js debug… | 2 |
| Attackers Exploiting Public Cobalt Strike Profiles | June 26, 2024, 5:26 p.m. | | This report discusses recent findings of malicious Cobalt Strike infrastructure and malicious Cobalt Strike samples that leverage… | 6 |
| Malware Targets Message Queuing Services Applications | June 6, 2024, 6:44 p.m. | | The report describes a recent campaign targeting Apache RocketMQ platforms, where attackers exploited a known vulnerability (CVE-… | 21 |
| Excel File Deploys Cobalt Strike at Ukraine | June 4, 2024, 5:24 p.m. | | A sophisticated multi-stage cyberattack was identified, utilizing an Excel file embedded with a VBA macro designed to deploy a DL… | 10 |
| Distribution of Malware Under the Guise of MS Office Cracked Versions (XMRig, OrcusRAT, etc.) | May 30, 2024, 7:10 a.m. | | The report analyzes a campaign where threat actors distribute various malware strains like RATs, coinminers, and loaders disguise… | 11 |
| Cyberespionage Group Earth Hundun's Continuous Refinement of Waterbear and Deuterbear | May 21, 2024, 11:24 a.m. | | This comprehensive analysis delves into the continuous evolution and refinement of sophisticated malware entities employed by a p… | 29 |
| Distribution of DanaBot Malware via Word Files Detected | May 14, 2024, 8:16 a.m. | | This analysis examines the infection process of the DanaBot malware, distributed through sophisticated spam emails containing mal… | 0 |
| Dissecting REMCOS RAT: An in-depth analysis of a widespread 2024 malware, Part Four | May 9, 2024, 3:14 p.m. | | This comprehensive analysis provides a thorough examination of the REMCOS Remote Access Trojan (RAT), a prominent malware threat … | 34 |
| HijackLoader Updates | May 7, 2024, 8:36 a.m. | | HijackLoader, also known as IDAT Loader, is a modular malware loader capable of executing multiple payloads. It utilizes a variet… | 11 |
| macOS Adload Pivots Just Days After Apple’s XProtect Clampdown | May 1, 2024, 8 p.m. | | The report analyzes a new variant of the Adload adware that evades Apple's recent XProtect malware signature updates. Despite App… | 11 |