Tag : obfuscation

10 attack reports | 0 vulnerabilities

Attack Reports

Title Published Tags Description Number of indicators
Dipping into Danger: The WARMCOOKIE backdoor June 12, 2024, 10:41 a.m. Elastic Security Labs identified a new wave of email campaigns targeting environments by deploying a novel backdoor dubbed WARMCOOKIE, which communicates via HTTP cookie parameter… 6
RAT Distributed as UUEncoding (UUE) File June 11, 2024, 10:11 a.m. This intelligence report describes a malicious operation where the Remcos Remote Access Trojan (RAT) is being disseminated through phishing emails containing an attachment exploit… 3
New Agent Tesla Campaign Targeting Spanish-Speaking People June 10, 2024, 11:24 a.m. This report analyzes a phishing campaign spreading a new Agent Tesla variant designed to infiltrate victims' computers and steal sensitive information like credentials, email cont… 6
Malicious Campaign Analysis: JScript RAT and CobaltStrike June 7, 2024, 8:59 a.m. This report examines a recent malicious campaign involving a JScript-based Remote Access Trojan (RAT) and its connections to the CobaltStrike penetration testing tool. The attack … 4
DarkGate again but... Improved? June 6, 2024, 8:16 a.m. The report details the latest developments surrounding the DarkGate remote access trojan, including its enhanced capabilities in version 6, the activities of its developer RastaFa… 313
Wineloader - Analysis of the Infection Chain June 6, 2024, 8:13 a.m. The analysis examines the Wineloader backdoor, a modular malware attributed to the APT29 threat group, which allows further tools or modules to be downloaded through an encrypted … 9
From Document to Script: Insides of Campaign May 17, 2024, 9:38 a.m. This report examines a recent malicious campaign initiated via phishing emails, seemingly from 'QuickBooks,' prompting users to install Java. Clicking the embedded link leads to d… 11
Malware (XMRig, OrcusRAT, etc.) disguised as MS Office crack May 10, 2024, 1:45 p.m. The report details an ongoing malware campaign targeting South Korean users, which disguises malicious payloads as cracked versions of Microsoft Office and other popular software.… 12
macOS Cuckoo Stealer | Ensuring Detection and Defense as New Samples Rapidly Emerge May 10, 2024, 8:31 a.m. This analysis discusses the emergence of a new macOS malware family called 'Cuckoo Stealer', which acts as an infostealer and spyware. It describes Cuckoo Stealer's main features,… 4
RemcosRAT Distributed Using Steganography May 8, 2024, 11:03 a.m. Security researchers have discovered a campaign distributing RemcosRAT through a sophisticated infection chain involving steganography techniques. The attack starts with a malicio… 4