| Title |
Published |
Tags |
Description |
Number of indicators |
| Who You Gonna Call? AndroxGh0st Busters! |
July 17, 2024, 7:34 a.m. |
|
This report discusses the AndroxGh0st malware, a Python-scripted threat targeting Laravel web applications to steal sensitive dat… |
7 |
| ProxyLogon and ProxyShell Used to Target Government Mail Servers in Asia, Europe, and South America |
July 5, 2024, 3:03 p.m. |
|
This analysis describes the identification of a server likely exploiting ProxyLogon and ProxyShell vulnerabilities to gain unauth… |
4 |
| China-Nexus Threat Group ‘Velvet Ant’ Abuses F5 Load Balancers for Persistence |
June 18, 2024, 9:10 p.m. |
|
|
5 |
| Ongoing Malvertising Campaign leads to Ransomware |
May 15, 2024, 3:14 p.m. |
|
Rapid7 detected an ongoing malware distribution campaign involving trojanized installers of WinSCP and PuTTY, delivered via malic… |
78 |
| Zloader Learns Old Tricks |
April 30, 2024, 2:41 p.m. |
|
Zloader (a.k.a. Terdot, DELoader, or Silent Night) is a modular trojan based on leaked ZeuS source code. Zloader has continued to… |
8 |
| Analysis of DEV#POPPER: New Attack Campaign Targeting Software Developers Likely Associated With North Korean Threat Actors |
April 29, 2024, 6:38 p.m. |
|
This report delves into an ongoing social engineering attack campaign, codenamed DEV#POPPER, likely orchestrated by North Korean … |
7 |