Risk reduction redefined: How compromise assessment helps strengthen cyberdefenses IntroductionOrganizations often rely on a layered defense strategy, yet breaches stil... 2024-10-29 22:0:40 | 阅读: 11 | 收藏 | Securelist - securelist.com security attacker network webs software

Lumma/Amadey: fake CAPTCHAs want to know if you’re human Attackers are increasingly distributing malware through a rather unusual method: a fak... 2024-10-29 18:0:31 | 阅读: 10 | 收藏 | Securelist - securelist.com captcha attackers malicious trojan amadey

The Crypto Game of Lazarus APT: Investors vs. Zero-days IntroductionLazarus APT and its BlueNoroff subgroup are a highly sophisticated and mu... 2024-10-23 19:0:48 | 阅读: 12 | 收藏 | Securelist - securelist.com attackers chrome emptyarray memory

Grandoreiro, the global trojan with grandiose ambitions Grandoreiro is a well-known Brazilian banking trojan — part of the Tetrade umbrella —... 2024-10-23 02:0:17 | 阅读: 10 | 收藏 | Securelist - securelist.com grandoreiro encryption victim trojan security

Stealer here, stealer there, stealers everywhere! IntroductionInformation stealers, which are used to collect credentials to then sell... 2024-10-21 18:0:47 | 阅读: 7 | 收藏 | Securelist - securelist.com stealer kral stealers vidar payload

Analysis of the Crypt Ghouls group: continuing the investigation into a series of attacks on Russia Last December, we discovered a new group targeting Russian businesses and government a... 2024-10-18 18:0:47 | 阅读: 9 | 收藏 | Securelist - securelist.com attackers windows ghouls

SAS CTF and the many ways to persist a kernel shellcode on Windows 7 SAS... 2024-10-17 18:0:17 | 阅读: 6 | 收藏 | Securelist - securelist.com windows corrupted shellcode xbb payload

Beyond the Surface: the evolution and expansion of the SideWinder APT group SideWinder, aka T-APT-04 or RattleSnake, is one of the most prolific APT groups that b... 2024-10-15 18:0:54 | 阅读: 32 | 收藏 | Securelist - securelist.com library windows payload c2 malicious

Whispers from the Dark Web Cave. Cyberthreats in the Middle East SOC, TI and IR posts... 2024-10-14 15:0:56 | 阅读: 5 | 收藏 | Securelist - securelist.com threats gangs ransomware

Awaken Likho is awake: new techniques of an APT group IntroductionIn July 2021, a campaign was launched primarily targeting Russian governm... 2024-10-7 18:0:14 | 阅读: 11 | 收藏 | Securelist - securelist.com meshcentral attackers meshagent autoit

Scam Information and Event Management While trying to deliver malware on victims’ devices and stay on them as long as they c... 2024-10-4 16:0:48 | 阅读: 11 | 收藏 | Securelist - securelist.com malicious attackers software dllc a3x

Finding a needle in a haystack: Machine learning at the forefront of threat hunting research IntroductionIn the ever-evolving landscape of cybersecurity, logs, that is informatio... 2024-10-2 18:0:37 | 阅读: 16 | 收藏 | Securelist - securelist.com threats forest machine accuracy

Key Group: another ransomware group using leaked builders Key Group, or keygroup777, is a financially motivated ransomware group primarily targe... 2024-10-1 18:0:24 | 阅读: 37 | 收藏 | Securelist - securelist.com ransomware windows hakuna matata software

Threat landscape for industrial automation systems, Q2 2024 Industrial threats... 2024-9-26 16:0:48 | 阅读: 12 | 收藏 | Securelist - securelist.com pp malicious quarter threats stage

From 12 to 21: how we discovered connections between the Twelve and BlackJack groups While analyzing attacks on Russian organizations, our team regularly encounters overla... 2024-9-25 18:0:19 | 阅读: 18 | 收藏 | Securelist - securelist.com blackjack twelve wiper windows ngrok

Web tracking report: who monitored users’ online activities in 2023–2024 the most Web tracking has become a pervasive aspect of our online experience. Whether we’re bro... 2024-9-24 18:15:14 | 阅读: 17 | 收藏 | Over Security - Cybersecurity news aggregator - securelist.com trackers regions download advertising dnt

How the Necro Trojan infiltrated Google Play, again IntroductionWe sometimes come across modified applications when analyzing suspicious... 2024-9-23 18:15:14 | 阅读: 52 | 收藏 | Over Security - Cybersecurity news aggregator - securelist.com necro trojan loader payload c2

-=TWELVE=- is back In the spring of 2024, posts with real people’s personal data began appearing on the -... 2024-9-20 20:31:34 | 阅读: 4 | 收藏 | Securelist - securelist.com windows ransomware netlogon powershell attackers

Exotic SambaSpy is now dancing with Italian users IntroductionIn May 2024, we detected a campaign exclusively targeting victims in Ital... 2024-9-18 18:15:15 | 阅读: 9 | 收藏 | Over Security - Cybersecurity news aggregator - securelist.com italian malicious sambaspy attacker

Loki: a new private agent for the popular Mythic framework In July 2024, we discovered the previously unknown Loki backdoor, which was used in a... 2024-9-9 15:15:14 | 阅读: 22 | 收藏 | Over Security - Cybersecurity news aggregator - securelist.com loader loki mythic c2 havoc