Today > | 3 Medium | 2 Low vulnerabilities - You can now download lists of IOCs here!
4 attack reports | 0 vulnerabilities
A recent malware campaign utilizes a multi-stage infection chain starting with a LNK file that lures victims into opening an invoice in a web browser. The attack involves PowerShell commands, batch files, and Python scripts to download and execute the XWorm payload. The infection process includes d…
This analysis explores two distinct methods used to infect systems with AsyncRAT through open directories. The first technique involves a multi-stage process using various obfuscated scripts (VBS, BAT, PowerShell) and disguised files to download and execute the AsyncRAT payload. The second method e…
A command-and-control framework called Winos 4.0 is being distributed through gaming-related applications, targeting Chinese-speaking users. The malware, rebuilt from Gh0st RAT, uses a multi-stage infection process involving fake BMP files, DLLs, and shellcode. It can harvest system information, ca…
Cybersecurity analysts have uncovered a sophisticated malware operation targeting online gambling platforms. Threat actors are distributing the WrnRAT malware by disguising it as popular Korean gambling games. The multi-stage infection process involves a batch script, followed by a .NET-based dropp…