3 attack reports | 0 vulnerabilities
This analysis delves into a DarkGate malware campaign from March-April 2024 that exploits Microsoft Excel files to retrieve malicious payloads hosted on public-facing SMB file shares. It sheds light on the evolving tactics of this threat, which creatively abuses legitimate tools and services for di…
Cisco Talos discovered a new remote access trojan (RAT) dubbed SpiceRAT, employed by the threat actor SneakyChef in a recent malicious campaign. The campaign targeted government agencies across multiple countries in Europe, the Middle East, Africa, and Asia. SpiceRAT was delivered alongside SugarGh…
The analysis examines the Wineloader backdoor, a modular malware attributed to the APT29 threat group, which allows further tools or modules to be downloaded through an encrypted command and control channel. It starts with a phishing email luring targets with a wine tasting event invitation. Execut…