Cyberveilleby Decio
Nuage de tags
Mur d'images
Quotidien
Flux RSS
  • Flux RSS
  • Daily Feed
  • Weekly Feed
  • Monthly Feed
Filtres

Liens par page

  • 20 links
  • 50 links
  • 100 links

Filtres

Untagged links
15 résultats taggé RAT  ✕
Who’s Behind the NetWire Remote Access Trojan? https://krebsonsecurity.com/2023/03/whos-behind-the-netwire-remote-access-trojan/
10/03/2023 22:54:28
QRCode
archive.org

A Croatian national has been arrested for allegedly operating NetWire, a Remote Access Trojan (RAT) marketed on cybercrime forums since 2012 as a stealthy way to spy on infected systems and siphon passwords. The arrest coincided with a seizure of…

krebsonsecurity EN 2023 Croatian RAT NetWire arrested
Unattributed RomCom Threat Actor Spoofing Popular Apps Now Hits Ukrainian Militaries https://blogs.blackberry.com/en/2022/10/unattributed-romcom-threat-actor-spoofing-popular-apps-now-hits-ukrainian-militaries
24/10/2022 21:48:55
QRCode
archive.org
thumbnail

Threat actor RomCom RAT is now targeting Ukrainian military institutions. Known to deploy spoofed versions of popular software Advanced IP Scanner, once exposed, RomCom RAT switched to PDF Filler, another popular application, which indicates the group behind it is actively developing new capabilities.

blackberry EN 2022 Research Unattributed RomCom Advanced-IP-Scanner RAT
MAR-10365227-2.v1 HyperBro https://www.cisa.gov/uscert/ncas/analysis-reports/ar22-277b
05/10/2022 22:41:44
QRCode
archive.org

CISA analyzed 4 files associated with HyperBro malware. The files creates a backdoor program that is capable of uploading and downloading files to and from the system. The RAT is also capable of logging keystrokes and executing commands on the system.

uscert csirt cert CISA HyperBro malware Analysis RAT EN 2022
Webworm: Espionage Attackers Testing and Using Older Modified RATs https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/webworm-espionage-rats
15/09/2022 21:17:57
QRCode
archive.org
thumbnail

The attackers are working on a number of malware threats, some of which have been used in attacks while others are in pre-deployment or testing stages.
Symantec, by Broadcom Software, has gained insight into the current activities of a group we call Webworm. The group has developed customized versions of three older remote access Trojans (RATs), including Trochilus, Gh0st RAT, and 9002 RAT. At least one of the indicators of compromise (IOCs) observed by Symantec was used in an attack against an IT service provider operating in multiple Asian countries, while others appear to be in pre-deployment or testing stages.

symantec-enterprise-blogs.security EN 2022 Gh0st RAT 9002 older Trojans Trochilus
New Wave of Espionage Activity Targets Asian Governments https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/espionage-asia-governments
13/09/2022 20:06:10
QRCode
archive.org
thumbnail

Governments and state-owned organizations are the latest targets of a well-established threat actor.
A distinct group of espionage attackers who were formerly associated with the ShadowPad remote access Trojan (RAT) has adopted a new, diverse toolset to mount an ongoing campaign against a range of government and state-owned organizations in a number of Asian countries. The attacks, which have been underway since at least early 2021, appear to have intelligence gathering as their main goal.

symantec-enterprise-blogs EN 2022 ShadowPad RAT
MagicRAT: Lazarus’ latest gateway into victim networks https://blog.talosintelligence.com/2022/09/lazarus-magicrat.html
08/09/2022 23:21:24
QRCode
archive.org
thumbnail
  • Cisco Talos has discovered a new remote access trojan (RAT) we're calling "MagicRAT," developed and operated by the Lazarus APT group, which the U.S. government believes is a North Korean state-sponsored actor.
  • Lazarus deployed MagicRAT after the successful exploitation of vulnerabilities in VMWare Horizon platforms.
  • We've also found links between MagicRAT and another RAT known as "TigerRAT," disclosed and attributed to Lazarus by the Korean Internet & Security Agency (KISA) recently.
  • TigerRAT has evolved over the past year to include new functionalities that we illustrate in this blog.
talosintelligence EN 2022 MagicRAT Lazarus Lazarus-Group North-Korea TigerRAT RAT
SafeBreach Uncovers New Remote Access Trojan (RAT) https://www.safebreach.com/resources/blog/remote-access-trojan-coderat
06/09/2022 18:01:11
QRCode
archive.org
thumbnail

Dubbed CodeRAT, the new RAT is used in attacks targeting Farsi-speaking code developers using a Microsoft Dynamic Data Exchange (DDE) exploit.

safebreach 2022 EN CodeRAT RAT DDE Analysis
Fake DDoS Pages On WordPress Sites Lead to Drive-By-Downloads https://blog.sucuri.net/2022/08/fake-ddos-pages-on-wordpress-lead-to-drive-by-downloads.html
21/08/2022 10:37:25
QRCode
archive.org
thumbnail

We reveal how hackers have begun leveraging fake DDoS protection pages to trick users into downloading remote access trojans (RATs) onto their computers.

sucuri EN 2022 fake DDoS protection lure Wordpress RAT
Woody RAT: A new feature-rich malware spotted in the wild https://blog.malwarebytes.com/threat-intelligence/2022/08/woody-rat-a-new-feature-rich-malware-spotted-in-the-wild/
04/08/2022 12:35:11
QRCode
archive.org
thumbnail

The Malwarebytes Threat Intelligence team has discovered a new Remote Access Trojan that we dubbed Woody Rat used to target Russian entities.

malwarebytes EN 2022 Trojan Woody RAT WoodyRat Russia
From the Front Lines | Unsigned macOS oRAT Malware Gambles For The Win https://www.sentinelone.com/blog/from-the-front-lines-unsigned-macos-orat-malware-gambles-for-the-win/
09/05/2022 18:58:30
QRCode
archive.org
thumbnail

Researchers looking into a new APT group targeting gambling sites with a variety of cross-platform malware recently identified a version of oRAT malware targeting macOS users and written in Go. While neither RATs nor Go malware are uncommon on any platform, including the Mac, the development of such a tool by a previously unknown APT is an interesting turn, signifying the increasing need for threat actors to address the rising occurrence of Macs among their intended targets and victims. In this post, we dig deeper into the technical details of this novel RAT to understand better how it works and how security teams can detect it in their environments.

SentinelOne EN 2022 macos oRat Go APT RAT
Iranian linked conglomerate MuddyWater comprised of regionally focused subgroups https://blog.talosintelligence.com/2022/03/iranian-supergroup-muddywater.html
10/03/2022 16:30:02
QRCode
archive.org
thumbnail

Cisco Talos has observed new cyber attacks targeting Turkey and other Asian countries we believe with high confidence are from groups operating under the MuddyWater umbrella of APT groups. U.S. Cyber Command recently connected MuddyWater to Iran's Ministry of Intelligence and Security (MOIS).

talosintelligence Iranian EN 2022 APT research MuddyWater Turkey SloughRAT RAT
Experts Warn of Hacking Group Targeting Aviation and Defense Sectors https://thehackernews.com/2022/02/experts-warn-of-hacking-group-targeting.html
15/02/2022 11:45:35
QRCode
archive.org

Entities in the aviation, aerospace, transportation, manufacturing, and defense industries have been targeted by a persistent threat group since at least 2017 as part of a string of spear-phishing campaigns mounted to deliver a variety of remote access trojans (RATs) on compromised systems

aviation transportation RAT thehackernews EN RAT TA2541
Charting TA2541's Flight https://www.proofpoint.com/us/blog/threat-insight/charting-ta2541s-flight
15/02/2022 11:43:09
QRCode
archive.org
thumbnail
TA2541 proofpoint aviation APT RAT EN transportation
Minaccia Malware prende di mira il settore dell'aviazione e dell'industria aerospaziale https://www.ictsecuritymagazine.com/notizie/minaccia-malware-prende-di-mira-il-settore-dellaviazione-e-dellindustria-aerospaziale/
15/02/2022 11:40:44
QRCode
archive.org
thumbnail

I ricercatori di Proofpoint hanno rilevato TA2541, un attore di minaccia persistente che da anni prende di mira i settori di aviazione, industria

TA2541 IT APT RAT Malware aviazione ictsecuritymagazine
Backdoor RAT for Windows, macOS, and Linux went undetected until now | Ars Technica https://arstechnica.com/information-technology/2022/01/backdoor-for-windows-macos-and-linux-went-undetected-until-now/
15/02/2022 10:22:27
QRCode
archive.org
thumbnail

Never-before-seen, cross-platform SysJoker came from an "advanced threat actor."

Backdoor RAT EN arstechnica SysJoker APT
1185 links
Shaarli - Le gestionnaire de marque-pages personnel, minimaliste, et sans base de données par la communauté Shaarli - Theme by kalvn - Curated by Decio