Zloader Installs Remote Access Backdoors and Delivers Cobalt Strike

Credit to Author: Mat Gangwer| Date: Wed, 19 Jan 2022 14:33:57 +0000

Zloader is a banking trojan with historical ties to the Zeus malware. Recently, Egregor and Ryuk ransomware affiliates used Zloader for the initial point of entry. Zloader featured VNC remote access capabilities and was offered on the infamous Russian-speaking cybercrime forum exploit[.]in. Zloader infects users by leveraging malicious web advertising to redirect users into downloading […]

A multi-stage PowerShell based attack targets Kazakhstan

Credit to Author: Threat Intelligence Team| Date: Fri, 12 Nov 2021 23:14:03 +0000

We uncover a new attack delivered via a number of PowerShell scripts to deploy Cobalt Strike.

Categories: Threat Intelligence

The post A multi-stage PowerShell based attack targets Kazakhstan appeared first on Malwarebytes Labs.

Malspam banks on Kaseya ransomware attack

Credit to Author: Malwarebytes Labs| Date: Thu, 08 Jul 2021 16:45:01 +0000

The Malwarebytes Threat Intelligence Team recently found a malspam campaign banking on the ransomware attack that hit Kaseya VSA.

Categories: Social engineering

The post Malspam banks on Kaseya ransomware attack appeared first on Malwarebytes Labs.

A week in security (May 31 – June 6)

Credit to Author: Malwarebytes Labs| Date: Mon, 07 Jun 2021 10:10:13 +0000

A roundup of the previous week’s most interesting security and online privacy news from May 31 to June 6.

Categories: A week in security

The post A week in security (May 31 – June 6) appeared first on Malwarebytes Labs.

Cobalt Strike, a penetration testing tool abused by criminals

Credit to Author: Malwarebytes Labs| Date: Tue, 01 Jun 2021 19:09:48 +0000

Cobalt Strike is a pen-testing tool that often ends up in the hands of cybercriminals. Are we providing them with the tools to attack us?

Categories: Researcher’s corner

The post Cobalt Strike, a penetration testing tool abused by criminals appeared first on Malwarebytes Labs.

Cobalt Strike, a penetration testing tool popular among criminals

Credit to Author: Malwarebytes Labs| Date: Tue, 01 Jun 2021 17:45:43 +0000

Cobalt Strike is a pen-testing tool that often ends up in the hands of cybercriminals. Are we providing them with the tools to attack us?

Categories: Researcher’s corner

The post Cobalt Strike, a penetration testing tool popular among criminals appeared first on Malwarebytes Labs.

New Lemon Duck variants exploiting Microsoft Exchange Server

Credit to Author: rajeshnataraj| Date: Fri, 07 May 2021 12:30:35 +0000

In March, Microsoft published a set of critical fixes to Exchange Server following the discovery of ProxyLogon, an exploit that was stolen or leaked from researchers within hours of its disclosure to Microsoft. The exploit is now widely available to cybercriminals, and unpatched and vulnerable Microsoft Exchange Servers continue to attract many threat actors to install cryptocurrency-miners, […]
