Today > | 1 Medium vulnerabilities - You can now download lists of IOCs here!
3 attack reports | 0 vulnerabilities
A sophisticated Android spyware campaign targeting South Koreans has been uncovered by Cyble Research and Intelligence Labs. Active since June 2024, the malware exploits an Amazon AWS S3 bucket as its Command and Control server to exfiltrate sensitive personal data including SMS messages, contacts,…
This report outlines a continuous campaign where a threat actor distributes malware, including Quasar RAT, through a private home trading system (HTS) named HPlus. The malware is initially delivered via an MSI installer, and users who request remote assistance inadvertently execute the AnyDesk soft…
Voice phishing groups in South Korea build phishing pages and apps like SecretCalls to trick victims into installing malware and accessing phishing sites for financial fraud. Detailed analysis of SecretCalls Loader reveals anti-analysis techniques like DEX encryption, emulator detection, and instal…