| Title | Published | Tags | Description | Number of indicators |
|---|---|---|---|---|
| 'Evil Twin' Apps Spread for Multiple Fraud Schemes | July 17, 2024, 10:52 a.m. | | HUMAN's Satori Threat Intelligence and Research team recently uncovered a massive ad fraud operation dubbed Konfety, involving th… | 0 |
| Braodo Info Stealer Targeting Vietnam and Abroad | July 15, 2024, 10:42 a.m. | | CYFIRMA discovered Braodo Stealer, a Python-based malware active since early 2024, primarily targeting users in Vietnam but also … | 14 |
| Analysis of Suspected APT Attack Activities by “Silver Fox” | July 10, 2024, 10:19 a.m. | | This document examines the recent activities of the Silver Fox cybercrime group, which has traditionally targeted financial and t… | 7 |
| Distribution of AsyncRAT Disguised as Ebook | July 10, 2024, 9:22 a.m. | | This analysis covers the distribution of AsyncRAT malware disguised as an ebook. The compressed file contains a malicious LNK and… | 5 |
| Examining Water Infection Routine Leading to an XMRig Cryptominer | June 28, 2024, 7:39 a.m. | | This report details the multi-stage loading technique utilized by the threat actor Water Sigbin to deliver the PureCrypter loader… | 13 |
| New InnoSetup Malware Created Upon Each Download Attempt | June 27, 2024, 9:34 a.m. | | A security intelligence report describing a new malware distribution technique where malicious code is dynamically generated for … | 32 |
| DBatLoader Distributed via CMD Files | June 27, 2024, 9:26 a.m. | | A cybersecurity analysis has identified a malicious operation involving the distribution of a downloader, dubbed DBatLoader or Mo… | 0 |
| StrelaStealer Resurgence: Tracking a JavaScript-Driven Credential Stealer Targeting Europe | June 25, 2024, 1:07 p.m. | | Recent observations indicate a surge in JavaScript spreading StrelaStealer, a credential stealer specifically targeting Outlook a… | 5 |
| Dipping into Danger: The WARMCOOKIE backdoor | June 12, 2024, 10:41 a.m. | | Elastic Security Labs identified a new wave of email campaigns targeting environments by deploying a novel backdoor dubbed WARMCO… | 6 |
| RAT Distributed as UUEncoding (UUE) File | June 11, 2024, 10:11 a.m. | | This intelligence report describes a malicious operation where the Remcos Remote Access Trojan (RAT) is being disseminated throug… | 3 |
| New Agent Tesla Campaign Targeting Spanish-Speaking People | June 10, 2024, 11:24 a.m. | | This report analyzes a phishing campaign spreading a new Agent Tesla variant designed to infiltrate victims' computers and steal … | 6 |
| Malicious Campaign Analysis: JScript RAT and CobaltStrike | June 7, 2024, 8:59 a.m. | | This report examines a recent malicious campaign involving a JScript-based Remote Access Trojan (RAT) and its connections to the … | 4 |
| DarkGate again but... Improved? | June 6, 2024, 8:16 a.m. | | The report details the latest developments surrounding the DarkGate remote access trojan, including its enhanced capabilities in … | 313 |
| Wineloader - Analysis of the Infection Chain | June 6, 2024, 8:13 a.m. | | The analysis examines the Wineloader backdoor, a modular malware attributed to the APT29 threat group, which allows further tools… | 9 |
| From Document to Script: Insides of Campaign | May 17, 2024, 9:38 a.m. | | This report examines a recent malicious campaign initiated via phishing emails, seemingly from 'QuickBooks,' prompting users to i… | 11 |
| Malware (XMRig, OrcusRAT, etc.) disguised as MS Office crack | May 10, 2024, 1:45 p.m. | | The report details an ongoing malware campaign targeting South Korean users, which disguises malicious payloads as cracked versio… | 12 |
| macOS Cuckoo Stealer \| Ensuring Detection and Defense as New Samples Rapidly Emerge | May 10, 2024, 8:31 a.m. | | This analysis discusses the emergence of a new macOS malware family called 'Cuckoo Stealer', which acts as an infostealer and spy… | 4 |
| RemcosRAT Distributed Using Steganography | May 8, 2024, 11:03 a.m. | | Security researchers have discovered a campaign distributing RemcosRAT through a sophisticated infection chain involving steganog… | 4 |