| Title |
Published |
Tags |
Description |
Number of indicators |
| Zharkbot Strings |
Sept. 3, 2024, 8:09 a.m. |
|
Zharkbot is a C++ downloader with extensive anti-analysis and anti-sandbox features. It uses in-line string encryption and API ca… |
2 |
| Advanced Persistent Threat Targeting Vietnamese Human Rights Defenders |
Sept. 3, 2024, 8:02 a.m. |
|
A long-term intrusion targeting a Vietnamese human rights non-profit organization has been discovered, likely spanning at least f… |
46 |
| Analyzing the Mekotio Trojan |
Aug. 30, 2024, 8:14 a.m. |
|
The analysis delves into the Mekotio Trojan, a sophisticated malware that employs a PowerShell dropper to execute its payload. Th… |
2 |
| Deep Analysis of Snake Keylogger’s New Variant |
Aug. 30, 2024, 8:05 a.m. |
|
FortiGuard Labs recently caught a phishing campaign delivering a new variant of Snake Keylogger, a keylogger malware that can ste… |
8 |
| Sophisticated Malware Campaign Targets Czech Officials Using NATO-Themed Decoys |
Aug. 28, 2024, 9:27 a.m. |
|
Seqrite Labs APT-Team discovered a sophisticated malware campaign targeting government and military officials in the Czech Republ… |
13 |
| Unveiling sedexp: A Stealthy Linux Malware Exploiting udev Rules |
Aug. 23, 2024, 9:39 a.m. |
|
Stroz Friedberg discovered sedexp, a stealthy Linux malware that utilizes udev rules to achieve persistence and evade detection. … |
3 |
| Strike Ready: Introducing the Bitter APT Group |
Aug. 19, 2024, 1:35 p.m. |
|
The report provides an in-depth analysis of the Bitter APT Group, a threat actor primarily focusing on cyber espionage activities… |
82 |
| Multiple Malware Dropped Through MSI Package |
Aug. 14, 2024, 11:14 a.m. |
|
An analysis reveals the distribution of malware through an MSI package, specifically SectopRat and Redline stealer. The malware e… |
11 |
| RHADAMANTHYS: In-Depth Analysis of a Sophisticated Stealer Targeting Israeli Users |
Aug. 5, 2024, 8:39 a.m. |
|
This comprehensive technical analysis delves into the intricate workings of an advanced and localized malware campaign employing … |
5 |
| BITS and Bytes: Analyzing BITSLOTH, a newly identified backdoor |
Aug. 2, 2024, 9:57 a.m. |
|
Elastic Security Labs uncovered a new Windows backdoor called BITSLOTH that utilizes the Background Intelligent Transfer Service … |
8 |
| Detecting evolving threats: NetSupport RAT campaign |
Aug. 2, 2024, 8:25 a.m. |
|
This analysis examines a recent malware campaign that utilizes the NetSupport RAT, a legitimate remote administration tool, for p… |
3 |
| Warning Against the Distribution of Malware Disguised as Software Cracks |
July 19, 2024, 5:17 a.m. |
|
This advisory cautions about the distribution of malware masquerading as crack programs for software. The malicious actors aim to… |
1 |
| Kematian-Stealer: A Deep Dive into a New Information Stealer |
July 10, 2024, 10:08 a.m. |
|
This report provides an in-depth analysis of a newly discovered information stealer named Kematian-Stealer, actively developed on… |
4 |
| Distribution of AsyncRAT Disguised as Ebook |
July 10, 2024, 9:22 a.m. |
|
This analysis covers the distribution of AsyncRAT malware disguised as an ebook. The compressed file contains a malicious LNK and… |
5 |
| New Threat: A Deep Dive Into the Zergeca Botnet |
July 5, 2024, 3:33 p.m. |
|
An analysis of a newly discovered botnet named Zergeca, implemented in Go language, with capabilities for DDoS attacks, proxying,… |
13 |
| Malvertising Campaign Leads to Execution of Oyster Backdoor |
June 24, 2024, 6:48 p.m. |
|
Rapid7 has observed a recent malvertising campaign that lures users into downloading malicious installers for popular software su… |
13 |
| RAT Distributed as UUEncoding (UUE) File |
June 11, 2024, 10:11 a.m. |
|
This intelligence report describes a malicious operation where the Remcos Remote Access Trojan (RAT) is being disseminated throug… |
3 |
| Malware Targets Message Queuing Services Applications |
June 6, 2024, 6:44 p.m. |
|
The report describes a recent campaign targeting Apache RocketMQ platforms, where attackers exploited a known vulnerability (CVE-… |
21 |
| Wineloader - Analysis of the Infection Chain |
June 6, 2024, 8:13 a.m. |
|
The analysis examines the Wineloader backdoor, a modular malware attributed to the APT29 threat group, which allows further tools… |
9 |
| Vidar Stealer: An In-depth Analysis of an Information-Stealing Malware |
June 4, 2024, 1:17 p.m. |
|
Vidar Stealer is a potent malware written in C++, capable of stealing a wide range of data from the compromised system. Vidar Ste… |
6 |
| Technical Deep Dive: Understanding the Anatomy of a Cyber Intrusion |
May 24, 2024, 1:52 p.m. |
|
This report details a sophisticated cyber intrusion targeting MITRE's research network (NERVE) through the exploitation of Ivanti… |
4 |
| Malware (XMRig, OrcusRAT, etc.) disguised as MS Office crack |
May 10, 2024, 1:45 p.m. |
|
The report details an ongoing malware campaign targeting South Korean users, which disguises malicious payloads as cracked versio… |
12 |
| macOS Cuckoo Stealer | Ensuring Detection and Defense as New Samples Rapidly Emerge |
May 10, 2024, 8:31 a.m. |
|
This analysis discusses the emergence of a new macOS malware family called 'Cuckoo Stealer', which acts as an infostealer and spy… |
4 |
| Dissecting REMCOS RAT: An in-depth analysis of a widespread 2024 malware, Part Four |
May 9, 2024, 3:14 p.m. |
|
This comprehensive analysis provides a thorough examination of the REMCOS Remote Access Trojan (RAT), a prominent malware threat … |
34 |
| Stealer Distributed via Crafted Minecraft Source Pack |
May 8, 2024, 11:09 a.m. |
|
This report details the operation of the zEus stealer malware, which is distributed through a crafted Minecraft source pack. The … |
23 |
| Fletchen Stealer: An Information Stealer with Sophisticated Anti-Analysis Measures |
April 29, 2024, 6:16 p.m. |
|
This in-depth analysis examines Fletchen stealer, an advanced information-stealing malware featuring potent anti-analysis capabil… |
13 |