Tag: execution

5 Attack Reports | 0 Vulnerabilities

Attack reports

Earth Preta Evolves its Attacks with New Malware and Strategies

Trend Micros discusses analysis of Earth Preta’s enhancements in their attacks by introducing new tools, malware variants and strategies to their worm-based attacks and their time-sensitive spear-phishing campaign.

Published: September 10, 2024

Downloadable IOCs: 41

GrimResource - Microsoft Management Console for initial access and evasion

A novel, in-the-wild code execution technique leveraging Microsoft Management Console files (MSC) has been identified by Elastic Security researchers and was first spotted in the wild in June 2016 and is currently being investigated by VirusTotal.

Published: June 27, 2024

Downloadable IOCs: 3

Malvertising Campaign Leads to Execution of Oyster Backdoor

Rapid7 has observed a recent malvertising campaign that lures users into downloading malicious installers for popular software such as Google Chrome and Microsoft Teams.

microsoft teams

Published: June 24, 2024

Downloadable IOCs: 13

TargetCompany’s Linux Variant Targets ESXi Environments

Since its discovery in 2021, TargetCompany has been evolving its techniques to circumvent security defenses employed by organizations; one such technique its use of a PowerShell script to bypass Antimalware Scan Interface (AMSI) and abuse of fully undetectable (FUD) obfuscator packers. A new varian…

Published: June 6, 2024

Downloadable IOCs: 3

Ongoing Malvertising Campaign leads to Ransomware

Rapid7 detected an ongoing malware distribution campaign involving trojanized installers of WinSCP and PuTTY, delivered via malicious search engine ads. The infection chain employs DLL side-loading, credential access, and deploys Sliver beacons followed by Cobalt Strike. In one case, the threat act…

Published: May 15, 2024

Downloadable IOCs: 78

Click here to see more Attack Reports