What's new around the internet


Src Date (GMT) Title Description Tags Stories Notes
TEAM_CYMRU_Blog.webp 2024-03-08 18:36:03 Senior Stakeholder Explainer for Octo Malware (direct link) Cyber leaders need to take action or face the consequences. Introduction: Our recent blog aimed at security analysts has significant... Malware ★★★
TEAM_CYMRU_Blog.webp 2023-03-16 21:19:07 MoqHao Part 3: Recent Global Targeting Trends (direct link) Introduction: This blog post is part of an ongoing series of analysis on MoqHao (also referred to as Wroba and XLoader), a malware family... Malware ★★★
TEAM_CYMRU_Blog.webp 2023-02-24 20:24:50 Desde Chile con Malware (From Chile with Malware) (direct link) Spoiler alert: they weren't actually from Chile. Introduction: This blog post provides a short update on our ongoing tracking of... Malware ★★★★
TEAM_CYMRU_Blog.webp 2022-04-07 19:38:10 MoqHao Part 2: Continued European Expansion (direct link) This blog is a product of ongoing collaboration with @ninoseki, a Tokyo-based researcher who has tracked MoqHao for several years. His public GitHub contains numerous useful OSINT threat hunting tools. Introduction: MoqHao (also referred to as Wroba and XLoader) is a malware family commonly associated with the Roaming Mantis threat actor group. MoqHao is generally [...] Malware Threat
TEAM_CYMRU_Blog.webp 2022-03-23 14:25:30 Raccoon Stealer – An Insight into Victim "Gates" (direct link) Co-authored by Brian Eckman, Josh Hopkins, Andy Kraus, and Paul Welte. Raccoon Stealer is one of 40-plus malware families tracked through Team Cymru's Botnet Analysis and Reporting Service (BARS), a service which underpins our Threat Intelligence Feeds. Introduction to Raccoon Stealer: Raccoon Stealer is an information stealer sold to 'affiliates' as a Malware-as-a-Service (MaaS) on [...] Malware Threat
TEAM_CYMRU_Blog.webp 2021-08-24 15:51:23 Anatomy of a Supply Chain Attack: How to Accelerate Incident Response and Threat Hunting (direct link) In recent months, we've seen a sharp rise in software supply chain attacks that infect legitimate applications to distribute malware to users. SolarWinds, Codecov and Kaseya have all been victims of such attacks that went on to impact thousands of downstream businesses around the globe. Within minutes of these high-profile attacks making headline news, CEOs [...] Malware Threat
TEAM_CYMRU_Blog.webp 2021-08-12 00:00:04 MoqHao Part 1.5: High-Level Trends of Recent Campaigns Targeting Japan (direct link) Having last looked at the MoqHao (or Roaming Mantis) malware family in January 2021, we decided to take another look at the activities of this threat group. MoqHao targets Android users, usually via an initial attack vector of phishing SMS messages, with a particular focus on Japan, South Korea and Taiwan (although MoqHao's focus continues [...] Malware Threat
TEAM_CYMRU_Blog.webp 2021-02-05 15:49:02 Kobalos Malware Mapping (direct link) On February 2nd the great team at ESET released their findings on malware being used to compromise UNIX-like systems, including various distributions of Linux and also FreeBSD, named Kobalos. Malware that targets these platforms is always of great interest to me. Having started my career in high performance computing (HPC) and then having moved [...] Malware
TEAM_CYMRU_Blog.webp 2020-12-16 19:28:07 Mapping out AridViper Infrastructure Using Augury's Malware Module (direct link) Twitter user @BaoshengbinCumt posted malware hash faff57734fe08af63e90c0492b4a9a56 on 27 November 2020, which they attributed to AridViper (APT-C-23 / GnatSpy)[i]. This user is a researcher for Qihoo and has previously reported on the activities of AridViper. AridViper, also known as APT-C-23 and GnatSpy, are a group active within the Middle Eastern region, known in [...] Malware APT-C-23
TEAM_CYMRU_Blog.webp 2020-03-25 10:10:49 How the Iranian Cyber Security Agency Detects Emissary Panda Malware (direct link) Other threat intelligence groups have previously publicised that the Chinese-attributed threat group Emissary Panda (aka APT27, TG-3390, BRONZE UNION, Iron Tiger and LuckyMouse) have been targeting various sectors in the Middle East, including government organisations. On 15 December 2019, Iran's Minister of Communications and Information Technology, Mohammad Javad Azari-Jahromi, announced that Iranian authorities had detected foreign spying malware on their government servers which they attributed... Malware Threat APT 27
TEAM_CYMRU_Blog.webp 2020-02-19 13:40:01 Azorult – what we see using our own tools (direct link) The Value of Being Able to Perform Threat Analysis outside the Boundaries of Your Enterprise... Looking at Dmitry Bestuzhev's piece about AZORult cryptominer spreading as a fake ProtonVPN installer[1], I took a glance in Augury at what we have for the malware hashes he provided and many are still very low in terms of their detection... Malware Threat
TEAM_CYMRU_Blog.webp 2019-07-25 13:48:01 Unmasking AVE_MARIA (direct link) Key Findings: AVE_MARIA is a Remote Administration Tool (RAT) offering marketed as WARZONE RAT on hacker forums and on the Web. WARZONE RAT is only available as a one- or three-month subscription. The same persona selling WARZONE RAT also promotes a free dynamic DNS service, warzonedns[.]com. Introduction: Several public reports[1][2] of a malware family often referred to as AVE_MARIA were made in January 2019. Yoroi, an Internet research company, says the malware sample analyzed for their report[2] contains "AVE_MARIA", and uses that string as a "hello message" for the malware controller. Also, in a Twitter thread[3] about similar malware, a [...] Malware Tool
Last update at: 2024-04-30 11:08:39