Tag: sideloading

This analysis delves into a DarkGate malware campaign from March-April 2024 that exploits Microsoft Excel files to retrieve malicious payloads hosted on public-facing SMB file shares. It sheds light on the evolving tactics of this threat, which creatively abuses legitimate tools and services for di…

Cisco Talos discovered a new remote access trojan (RAT) dubbed SpiceRAT, employed by the threat actor SneakyChef in a recent malicious campaign. The campaign targeted government agencies across multiple countries in Europe, the Middle East, Africa, and Asia. SpiceRAT was delivered alongside SugarGh…

The analysis examines the Wineloader backdoor, a modular malware attributed to the APT29 threat group, which allows further tools or modules to be downloaded through an encrypted command and control channel. It starts with a phishing email luring targets with a wine tasting event invitation. Execut…