Today > vulnerabilities   -   You can now download lists of IOCs here!

Tag: toneshell

2 attack reports | 0 vulnerabilities

Attack reports

Chinese APT Abuses VSCode to Target Government in Asia

The report details a campaign by the Chinese advanced persistent threat (APT) group Stately Taurus, which carried out cyberespionage operations against government entities in Southeast Asia. The group employed a novel technique that leveraged the reverse shell feature of Visual Studio Code to gain …

apt
exfiltration
cyberespionage
shadowpad
poisonplug.shadow
toneshell
2024-09-09
credentialtheft
reverseshell
visualstudiocode
Published: September 9, 2024

Downloadable IOCs 17

Toneshell Backdoor Used to Target Attendees of the IISS Defence Summit

A cyber espionage campaign using the ToneShell backdoor, associated with Mustang Panda, has been detected targeting attendees of the 2024 IISS Defence Summit in Prague. The attack utilizes a malicious PIF file masquerading as summit documents, which drops SFFWallpaperCore.exe and libemb.dll. The ma…

phishing
dll sideloading
gh0st rat
2024-09-05
toneshell
pif file
Published: September 5, 2024

Downloadable IOCs 4

» Click here to see all Attack Reports «