DarkGate Malware Campaign Exploits Patched Microsoft Flaw
The Zero Day Initiative (ZDI) by Trend Micro uncovered a phishing campaign that exploited a patched Microsoft flaw to infect devices with DarkGate malware. CVE-2024-21412 was the Microsoft patch that was exploited ...
How Malware Facilitates Online Financial Fraud and Threatens Corporate Security
Malware stands as a formidable tool in the arsenal of cybercriminals, facilitating online financial fraud with alarming efficiency and sophistication. This malicious software, designed to damage or disable computers, now targets the ...
Analyse, hunt and classify malware using .NET metadata
IntroductionEarlier last week, I ran into a sample that turned out to be PureCrypter, a loader and obfuscator for all different kinds of malware such as Agent Tesla and RedLine. Upon further investigation, ...
Malware
The term malware, is a contraction of "malicious software," and refers to any software intentionally designed to cause damage to a computer, server, client, or computer network. The post Malware appeared first ...
Who’s to Blame for Hacked Social Media Accounts, Spoofed Online Meeting Requests and Malware
In episode 320, Tom and Scott discuss the contentious issue of who is accountable when Facebook or Instagram accounts are hacked, discussing potential failings on both the user’s and Meta’s part. They ...
Deepfakes Malware Attacks: GoldFactory’s Advanced Tactics
In the ever-evolving landscape of mobile Deepfakes malware attacks, a notorious threat actor named GoldFactory has surfaced, leaving a trail of highly sophisticated banking trojans in its wake. The group, operating since ...
Bumblebee Malware Targets US Businesses With New Methods
A recent report revealed that, four months after its sudden disappearance, the notorious Bumblebee malware has emerged once again with different US-based organizations as its target. It was observed that a number ...
New MaaS InfoStealer Malware Campaign Targeting Oil & Gas Sector
By Dylan Duncan Cofense Intelligence is tracking an advanced campaign that is successfully reaching intended targets in the Oil and Gas industry. The campaign delivers an uncommon, but advanced, Malware-as-a-Service information stealer, ...
Volt Typhoon Malware: US Critical Infrastructure Breached
In a recent revelation, the U.S. government disclosed that the Chinese state-sponsored hacking group, Volt Typhoon has surreptitiously infiltrated critical infrastructure networks within the country for a staggering five-year period. This embedded ...
Attackers Quick to Weaponize CVE-2023-22527 for Malware Delivery
On January 16, 2024, Atlassian disclosed a critical vulnerability affecting Confluence Data Center and Confluence Server, tracked as CVE-2023-22527. The vulnerability is an unauthenticated OGNL injection bug, allowing unauthenticated attackers to execute ...