Tag : malware

11 reports 0 vulnerabilities 0 articles

Attack Reports

| Title | Published | Tags | Description | Number of indicators |
| --- | --- | --- | --- | --- |
| New Pakistan-based Cyber Espionage Group’s Year-Long Campaign Targeting Indian Defense Forces with Android Malware | May 6, 2024, 8:47 a.m. | | CYFIRMA researchers identified an Android malware campaign, active for over a year, targeting Indian defense personnel by an unidentified Pakistan-based cyber espionage group. The… | 3 |
| Profiling Trafficers: Cerberus | May 10, 2024, 9:02 a.m. | | This analysis delves into the activities of a group of malware operators known as Cerberus (formerly Amnesia) Team, who specialize in spreading infostealers, particularly in the C… | 24 |
| Distribution of DanaBot Malware via Word Files Detected | May 14, 2024, 8:16 a.m. | | This analysis examines the infection process of the DanaBot malware, distributed through sophisticated spam emails containing malicious Word documents. The documents leverage exte… | 0 |
| PDF “Flawed Design” Exploitation | May 14, 2024, 3:30 p.m. | | Check Point Research identified an unusual pattern involving PDF exploitation, mainly targeting users of Foxit Reader. This exploit triggers security warnings that could deceive u… | 40 |
| Ongoing Malvertising Campaign leads to Ransomware | May 15, 2024, 3:14 p.m. | | Rapid7 detected an ongoing malware distribution campaign involving trojanized installers of WinSCP and PuTTY, delivered via malicious search engine ads. The infection chain employ… | 78 |
| The Overlapping Cyber Strategies Of Transparent Tribe And SideCopy Against India | May 15, 2024, 3:16 p.m. | | CRIL's analysis revealed SideCopy APT group's sophisticated malware campaign, employing malicious LNK files and a complex infection chain involving HTAs and loader DLLs to deploy … | 21 |
| Threat actors misusing Quick Assist in social engineering attacks leading to ransomware | May 16, 2024, 9:27 a.m. | | The report describes a recent campaign by the threat actor Storm-1811, a financially motivated cybercriminal group known for deploying Black Basta ransomware. The campaign begins … | 12 |
| Springtail: New Linux Backdoor Added to Toolkit | May 16, 2024, 4:46 p.m. | | Symantec's Threat Hunter Team has uncovered a new Linux backdoor, named Gomir, developed by the North Korean Springtail espionage group, which is linked to malware employed in a r… | 20 |
| Payload Trends in Malicious OneNote Samples | May 16, 2024, 5:25 p.m. | | This analysis examines the types of malicious payloads that attackers embed within Microsoft OneNote files to deceive users into executing malicious code. By analyzing approximate… | 550 |
| ViperSoftX Uses Deep Learning-based Tesseract to Exfiltrate Information | May 17, 2024, 8:50 a.m. | | This analysis focuses on the recent activities of the ViperSoftX malware strain, which controls infected systems and steals user information. The malware is known to install addit… | 8 |
| Spring Cleaning with LATRODECTUS: A Potential Replacement for ICEDID | May 17, 2024, 9:03 a.m. | | LATRODECTUS is a malware loader gaining popularity among cybercriminals, with strong connections to the ICEDID malware family. It offers standard capabilities for deploying payloa… | 7 |