Today > | 4 Medium | 2 Low vulnerabilities - You can now download lists of IOCs here!
3 attack reports | 0 vulnerabilities
A Russian-speaking threat group, UAT-5647, has been conducting attacks against Ukrainian government entities and Polish targets since late 2023. The group has evolved its toolset to include four distinct malware families: RustClaw and MeltingClaw downloaders, DustyHammock backdoor, and ShadyHammock…
A novel version of the RomCom malware family called SnipBot has been discovered, revealing post-infection activity from attackers on victim systems. This new strain employs new tricks and unique code obfuscation methods beyond those seen in previous RomCom versions. The infection chain begins with …
The Underground ransomware, first observed in July 2023, targets Windows machines by encrypting files and demanding ransom. Attributed to the Russia-based RomCom group, it exploits CVE-2023-36884 and other common infection vectors. The ransomware deletes shadow copies, modifies RemoteDesktop settin…