QSC: A multi-plugin framework used by CloudComputating group in cyberespionage campaigns IntroductionIn 2021, we began to investigate an attack on the telecom industry in Sou... 2024-11-8 18:0:15 | 阅读: 0 | 收藏 | Securelist - securelist.com qsc windows machine l2schemas network

New SteelFox Trojan mimics software activators, stealing sensitive data and mining cryptocurrency IntroductionIn August 2024, our team identified a new crimeware bundle, which we name... 2024-11-6 18:0:40 | 阅读: 8 | 收藏 | Securelist - securelist.com steelfox hxxps malicious stage foxit

Loose-lipped neural networks and lazy scammers One topic being actively researched in connection with the breakout of LLMs is capabil... 2024-10-31 18:0:27 | 阅读: 6 | 收藏 | Securelist - securelist.com llm llms gitbook delve kucoin

Risk reduction redefined: How compromise assessment helps strengthen cyberdefenses IntroductionOrganizations often rely on a layered defense strategy, yet breaches stil... 2024-10-29 22:0:40 | 阅读: 5 | 收藏 | Securelist - securelist.com security attacker network webs software

Lumma/Amadey: fake CAPTCHAs want to know if you’re human Attackers are increasingly distributing malware through a rather unusual method: a fak... 2024-10-29 18:0:31 | 阅读: 6 | 收藏 | Securelist - securelist.com captcha attackers malicious trojan amadey

The Crypto Game of Lazarus APT: Investors vs. Zero-days IntroductionLazarus APT and its BlueNoroff subgroup are a highly sophisticated and mu... 2024-10-23 19:0:48 | 阅读: 3 | 收藏 | Securelist - securelist.com attackers chrome emptyarray memory

Grandoreiro, the global trojan with grandiose ambitions Grandoreiro is a well-known Brazilian banking trojan — part of the Tetrade umbrella —... 2024-10-23 02:0:17 | 阅读: 5 | 收藏 | Securelist - securelist.com grandoreiro encryption victim trojan security

Stealer here, stealer there, stealers everywhere! IntroductionInformation stealers, which are used to collect credentials to then sell... 2024-10-21 18:0:47 | 阅读: 2 | 收藏 | Securelist - securelist.com stealer kral stealers vidar payload

Analysis of the Crypt Ghouls group: continuing the investigation into a series of attacks on Russia Last December, we discovered a new group targeting Russian businesses and government a... 2024-10-18 18:0:47 | 阅读: 4 | 收藏 | Securelist - securelist.com attackers windows ghouls

SAS CTF and the many ways to persist a kernel shellcode on Windows 7 SAS... 2024-10-17 18:0:17 | 阅读: 0 | 收藏 | Securelist - securelist.com windows corrupted shellcode xbb payload

Beyond the Surface: the evolution and expansion of the SideWinder APT group SideWinder, aka T-APT-04 or RattleSnake, is one of the most prolific APT groups that b... 2024-10-15 18:0:54 | 阅读: 5 | 收藏 | Securelist - securelist.com library windows payload c2 malicious

Whispers from the Dark Web Cave. Cyberthreats in the Middle East SOC, TI and IR posts... 2024-10-14 15:0:56 | 阅读: 1 | 收藏 | Securelist - securelist.com threats gangs ransomware

Awaken Likho is awake: new techniques of an APT group IntroductionIn July 2021, a campaign was launched primarily targeting Russian governm... 2024-10-7 18:0:14 | 阅读: 7 | 收藏 | Securelist - securelist.com meshcentral attackers meshagent autoit

Scam Information and Event Management While trying to deliver malware on victims’ devices and stay on them as long as they c... 2024-10-4 16:0:48 | 阅读: 4 | 收藏 | Securelist - securelist.com malicious attackers software dllc a3x

Finding a needle in a haystack: Machine learning at the forefront of threat hunting research IntroductionIn the ever-evolving landscape of cybersecurity, logs, that is informatio... 2024-10-2 18:0:37 | 阅读: 12 | 收藏 | Securelist - securelist.com threats forest machine accuracy

Key Group: another ransomware group using leaked builders Key Group, or keygroup777, is a financially motivated ransomware group primarily targe... 2024-10-1 18:0:24 | 阅读: 24 | 收藏 | Securelist - securelist.com ransomware windows hakuna matata software

Threat landscape for industrial automation systems, Q2 2024 Industrial threats... 2024-9-26 16:0:48 | 阅读: 7 | 收藏 | Securelist - securelist.com pp malicious quarter threats stage

From 12 to 21: how we discovered connections between the Twelve and BlackJack groups While analyzing attacks on Russian organizations, our team regularly encounters overla... 2024-9-25 18:0:19 | 阅读: 9 | 收藏 | Securelist - securelist.com blackjack twelve wiper windows ngrok

Web tracking report: who monitored users’ online activities in 2023–2024 the most Web tracking has become a pervasive aspect of our online experience. Whether we’re bro... 2024-9-24 18:15:14 | 阅读: 7 | 收藏 | Over Security - Cybersecurity news aggregator - securelist.com trackers regions download advertising dnt

How the Necro Trojan infiltrated Google Play, again IntroductionWe sometimes come across modified applications when analyzing suspicious... 2024-9-23 18:15:14 | 阅读: 47 | 收藏 | Over Security - Cybersecurity news aggregator - securelist.com necro trojan loader payload c2