Today > | 1 Medium vulnerabilities - You can now download lists of IOCs here!
5 attack reports | 0 vulnerabilities
A sophisticated cyber espionage campaign dubbed Operation Cobalt Whisper has been uncovered, targeting various industries in Hong Kong and Pakistan. The threat actor focuses on the defense sector, engineering researchers, and key entities in these regions, using tailored lures related to electrotec…
A sophisticated attack campaign using Bitbucket as a legitimate platform to deliver AsyncRAT has been uncovered. The multi-stage approach involves a VBScript obfuscation layer, followed by a PowerShell payload delivery mechanism, and culminates in the execution of AsyncRAT. The attackers exploit Bi…
This analysis details an AsyncRAT infection observed in August 2024, delivered via email. The attack chain involves a Windows Script File that downloads and executes various scripts, ultimately leading to the installation of AsyncRAT with an infostealer plugin. The malware targets multiple browsers…
A novel, in-the-wild code execution technique leveraging Microsoft Management Console files (MSC) has been identified by Elastic Security researchers and was first spotted in the wild in June 2016 and is currently being investigated by VirusTotal.
Securonix Threat Research has uncovered a sophisticated malware campaign, dubbed CLOUD#REVERSER, that leverages popular cloud storage services like Google Drive and Dropbox for malware delivery, command execution, and data exfiltration. The infection chain starts with a phishing email containing a …