| Title |
Published |
Tags |
Description |
Number of indicators |
| A Comprehensive Analysis of Angry Stealer: Rage Stealer in a New Disguise |
Aug. 28, 2024, 9:33 a.m. |
|
CYFIRMA's research team recently identified a sophisticated dropper binary designed to deploy an information stealer, dubbed 'Ang… |
2 |
| Report on Ukraine government attack campaign |
Aug. 23, 2024, 8:56 a.m. |
|
Ukraine's government cybersecurity incident response team, CERT-UA, obtained information about the distribution of emails themed … |
33 |
| Ailurophile: G DATA has sighted a new info stealer in the wild |
Aug. 19, 2024, 1:39 p.m. |
|
G DATA has detected a novel information-stealing malware, dubbed 'Ailurophile Stealer'. It is a PHP-based stealer offered through… |
2 |
| Hackers Leveraging OneDrive Or Google Drive To Hide Malicious Traffic |
Aug. 7, 2024, 4:11 p.m. |
|
Cyber threat actors, including nation-state groups, are utilizing legitimate cloud services like Microsoft OneDrive and Google Dr… |
20 |
| BITS and Bytes: Analyzing BITSLOTH, a newly identified backdoor |
Aug. 2, 2024, 9:57 a.m. |
|
Elastic Security Labs uncovered a new Windows backdoor called BITSLOTH that utilizes the Background Intelligent Transfer Service … |
8 |
| Analysis of Golang Payload and Information Theft Campaign |
July 30, 2024, 4:14 p.m. |
|
The report details a recent cyber attack campaign attributed to the APT-C-09 (Mozambique) threat group, which has historically ta… |
8 |
| Threat Actor Uses Fake Recovery Manual to Deliver Unidentified Stealer |
July 24, 2024, 8:06 a.m. |
|
An intelligence report outlines a campaign where an unidentified threat actor impersonated a Microsoft recovery manual through a … |
6 |
| Akira Ransomware Targets the LATAM Airline Industry |
July 16, 2024, 9:53 a.m. |
|
An in-depth analysis examined a threat actor utilizing Akira ransomware to compromise a Latin American airline. The attacker gain… |
2 |
| Braodo Info Stealer Targeting Vietnam and Abroad |
July 15, 2024, 10:42 a.m. |
|
CYFIRMA discovered Braodo Stealer, a Python-based malware active since early 2024, primarily targeting users in Vietnam but also … |
14 |
| Persistent npm Campaign Shipping Trojanized jQuery |
July 10, 2024, 9:36 a.m. |
|
The report describes a persistent supply chain attack involving the distribution of a trojanized version of jQuery through variou… |
67 |
| Arid Viper poisons Android apps with AridSpy |
June 14, 2024, 8:25 a.m. |
|
ESET researchers identified five campaigns targeting Android users with trojanized apps that deploy multistage Android spyware ca… |
37 |
| IcedID Brings ScreenConnect and CSharp Streamer to ALPHV Ransomware Deployment |
June 10, 2024, 11:03 a.m. |
|
This report details an intrusion that commenced with a spam campaign distributing a forked IcedID loader. After gaining initial a… |
33 |
| Targets Ukraine's Defense Forces using SPECTR malware alongside legitimate SyncThing |
June 7, 2024, 8:33 a.m. |
|
The report describes a cyber attack campaign by the UAC-0020 (Vermin) threat group targeting Ukraine's Defense Forces. The attack… |
33 |
| New ransomware group abusing BitLocker |
May 23, 2024, 2:49 p.m. |
|
The report examines an incident where threat actors leveraged Microsoft's BitLocker encryption utility to deploy unauthorized fil… |
6 |
| StopRansomware: Black Basta |
May 13, 2024, 9:31 a.m. |
|
This advisory details tactics, techniques, procedures and indicators of compromise related to Black Basta ransomware, a variant f… |
174 |
| Fletchen Stealer: An Information Stealer with Sophisticated Anti-Analysis Measures |
April 29, 2024, 6:16 p.m. |
|
This in-depth analysis examines Fletchen stealer, an advanced information-stealing malware featuring potent anti-analysis capabil… |
13 |