Tag: impacket

4 Attack Reports | 0 Vulnerabilities

Attack reports

Updated Shadowpad Malware Leads to Ransomware Deployment

A recent investigation revealed Shadowpad malware being used to deploy a new ransomware family in Europe. The threat actor targeted 21 companies across 15 countries, primarily in the manufacturing sector. Access was gained through remote network attacks, exploiting weak passwords and bypassing mult…

multi-factor authentication bypass

remote network attacks

intellectual property theft

Published: February 20, 2025

Downloadable IOCs: 0

Investigating a SharePoint Compromise: IR Tales from the Field

An incident response investigation uncovered an attacker who exploited a SharePoint vulnerability (CVE-2024-38094) to gain initial access. The attacker remained undetected for two weeks, moving laterally across the network and compromising the entire domain. Key tactics included installing Horoung …

credential harvesting

lateral movement

domain compromise

fast reverse proxy (frp)

Published: November 5, 2024

Downloadable IOCs: 8

Storm-0501: Ransomware attacks expanding to hybrid cloud environments

Microsoft has observed Storm-0501, a financially motivated cybercriminal group, conducting multi-staged attacks targeting hybrid cloud environments. The group compromises on-premises networks, performs lateral movement to cloud environments, exfiltrates data, steals credentials, creates persistent …

credential-theft

data-exfiltration

lateral-movement

Published: September 30, 2024

Downloadable IOCs: 14

China-Nexus Threat Group ‘Velvet Ant’ Abuses F5 Load Balancers for Persistence

Published: June 18, 2024

Downloadable IOCs: 5

Click here to see more Attack Reports