Tag: rats
3 attack reports | 0 vulnerabilities
Attack reports
Threat Assessment: North Korean Threat Groups
This assessment evaluates several North Korean threat groups operating under the Reconnaissance General Bureau. It describes their organizational structure, objectives, and the diverse malware families employed in their recent campaigns targeting various industries worldwide. The analysis covers 10…
Downloadable IOCs 58
Threat Actor Abuses Cloudflare Tunnels to Deliver RATs
Proofpoint is tracking a cluster of cybercriminal threat activity leveraging Cloudflare Tunnels to deliver malware, particularly remote access trojans (RATs) like Xworm, AsyncRAT, VenomRAT, GuLoader, and Remcos. The campaigns employ various techniques, such as using URL files to establish connectio…
Downloadable IOCs 13
Howling at the Inbox: Sticky Werewolf's Latest Malicious Aviation Attacks
Morphisec Labs has been monitoring increased activity associated with Sticky Werewolf, a suspected geopolitical or hacktivist group. While their origin remains unclear, recent techniques suggest espionage and data exfiltration intent. Sticky Werewolf has targeted the aviation industry, employing ph…
Downloadable IOCs 14
Threat Assessment: North Korean Threat Groups
This assessment evaluates several North Korean threat groups operating under the Reconnaissance General Bureau. It describes their organizational structure, objectives, and the diverse malware families employed in their recent campaigns targeting various industries worldwide. The analysis covers 10…
Downloadable IOCs 58
Threat Actor Abuses Cloudflare Tunnels to Deliver RATs
Proofpoint is tracking a cluster of cybercriminal threat activity leveraging Cloudflare Tunnels to deliver malware, particularly remote access trojans (RATs) like Xworm, AsyncRAT, VenomRAT, GuLoader, and Remcos. The campaigns employ various techniques, such as using URL files to establish connectio…
Downloadable IOCs 13
Howling at the Inbox: Sticky Werewolf's Latest Malicious Aviation Attacks
Morphisec Labs has been monitoring increased activity associated with Sticky Werewolf, a suspected geopolitical or hacktivist group. While their origin remains unclear, recent techniques suggest espionage and data exfiltration intent. Sticky Werewolf has targeted the aviation industry, employing ph…
Downloadable IOCs 14
Threat Assessment: North Korean Threat Groups
This assessment evaluates several North Korean threat groups operating under the Reconnaissance General Bureau. It describes their organizational structure, objectives, and the diverse malware families employed in their recent campaigns targeting various industries worldwide. The analysis covers 10…
Downloadable IOCs 58
Threat Actor Abuses Cloudflare Tunnels to Deliver RATs
Proofpoint is tracking a cluster of cybercriminal threat activity leveraging Cloudflare Tunnels to deliver malware, particularly remote access trojans (RATs) like Xworm, AsyncRAT, VenomRAT, GuLoader, and Remcos. The campaigns employ various techniques, such as using URL files to establish connectio…
Downloadable IOCs 13
Howling at the Inbox: Sticky Werewolf's Latest Malicious Aviation Attacks
Morphisec Labs has been monitoring increased activity associated with Sticky Werewolf, a suspected geopolitical or hacktivist group. While their origin remains unclear, recent techniques suggest espionage and data exfiltration intent. Sticky Werewolf has targeted the aviation industry, employing ph…
Downloadable IOCs 14