Short Summary: Meow, a ransomware group that emerged in 2022, has gained attention for its unique operational model and rising victim count. It is often
Search Results for: meow
In late 2022, 4 ransomware strains were discovered that are derived from Conti’s leaked ransomware strain. One of them was Meow ransomware. The operation of this

Elastic Security Labs discovered a new malware family named DOUBLELOADER, often seen with RHADAMANTHYS infostealer, employing the open-source obfuscator ALCATRAZ to evade analysis. The post details multiple obfuscation techniques used by ALCATRAZ and demonstrates methods and tools to deobfuscate and analyze such protected malware. #DOUBLELOADER #RHADAMANTHYS #ALCATRAZ
ClearFake is a malicious JavaScript framework deployed on compromised websites to deliver malware through the drive-by download technique. When it first emerged in July 2023, the injected code was designed to display a fake web browser download page, tricking users into downloading counterfeit browser updates. By May 2024, ClearFake adopted the new social engineering tactic ClickFix, displaying fake error messages in the web browser and deceiving users into copying and executing malicious PowerShell code that ultimately infected their systems.
The Sekoia Threat Detection & Research (TDR) team discovered that since December 2024, ClearFake has included new lures. This latest variant uses fake reCAPTCHA or Cloudflare Turnstile verifications, along with fake technical issues, to trick users into resolving these CAPTCHA challenges and finally executing malicious PowerShell code.
The post ClearFake’s New Widespread Variant: Increased Web3 Exploitation for Malware Delivery is an article from Sekoia.io Blog.

The Hellcat Ransomware Group is a newly identified Ransomware-as-a-Service (RaaS) threat group, recognized for targeting various organizations, especially in telecommunications and government sectors. Their operations

This week’s threat intelligence report from RST Cloud analyzes various cybersecurity threats targeting different sectors and establishments. Noteworthy attacks include FatalRAT impacting industrial organizations in

This report provides an overview of the main actors involved in malicious campaigns impacting the financial sector in 2024. It follows up on a previous Sekoia report focusing on the emerging trends in the financial cyber threat landscape.
The post Cyber threats impacting the financial sector in 2024 – focus on the main actors is an article from Sekoia.io Blog.

Cybercriminals are leveraging fake CAPTCHA systems to deliver malware, particularly targeting cryptocurrency communities through Telegram. This sophisticated tactic involves hijacking discussions on the X platform and

This weekly threat intelligence report from RST Cloud summarizes 49 threat intelligence reports, highlighting various cyber threats and tactics used by different threat actors. Notable

A large-scale DDoS attack targeted the Chinese game “Black Myth: Wukong” on the Steam and Perfect World platforms in August 2024. The attackers, using a

The article discusses the evolution of the Gayfemboy botnet, which has transformed from a basic Mirai variant into a sophisticated threat utilizing multiple vulnerabilities, including
MUT-1244 is a threat actor identified for leveraging phishing campaigns and trojanized GitHub repositories to exfiltrate sensitive information, including over 390,000 WordPress credentials. The investigation
Summary: The October 2024 Monthly Intelligence Insights report from Securonix Threat Labs highlights significant cybersecurity threats, including the critical FortiJump vulnerability (CVE-2024-47575) in FortiManager, the