Cyberveillecurated by Decio
Nuage de tags
Mur d'images
Quotidien
Flux RSS
  • Flux RSS
  • Daily Feed
  • Weekly Feed
  • Monthly Feed
Filtres

Liens par page

  • 20 links
  • 50 links
  • 100 links

Filtres

Untagged links
page 1 / 2
25 résultats taggé RAT  ✕
New Campaign Uses Remcos RAT to Exploit Victims https://www.fortinet.com/blog/threat-research/new-campaign-uses-remcos-rat-to-exploit-victims
08/11/2024 17:16:39
QRCode
archive.org
thumbnail

See how threat actors have abused Remcos to collect sensitive information from victims and remotely control their computers to perform further malicious acts.

Fortinet EN 2024 research Remcos RAT
New macOS malware HZ RAT lets attackers control Macs remotely https://moonlock.com/macos-malware-hz-rat
20/09/2024 08:51:58
QRCode
archive.org
thumbnail

It lets attackers control Macs remotely.

moonlock EN 2024 macOS malware HZRAT RAT analysis
New Hunters International RAT identified by Quorum Cyber https://www.quorumcyber.com/insights/sharprhino-new-hunters-international-rat-identified-by-quorum-cyber/
06/08/2024 09:54:02
QRCode
archive.org

During a recent ransomware incident investigated by the Quorum Cyber Incident Response team, novel malware was identified previously unknown.

quorumcyber EN 2024 RAT ransomware Rust ipscan-3.9.1-setup.exe Hunters-International
Rafel RAT, Android Malware from Espionage to Ransomware Operations https://research.checkpoint.com/2024/rafel-rat-android-malware-from-espionage-to-ransomware-operations/
24/06/2024 08:51:05
QRCode
archive.org
thumbnail

Android, Google’s most popular mobile operating system, powers billions of smartphones and tablets globally. Known for its open-source nature and flexibility, Android offers users a wide array of features, customization options, and access to a vast ecosystem of applications through the Google Play Store and other sources.

However, with its widespread adoption and open environment comes the risk of malicious activity. Android malware, a malicious software designed to target Android devices, poses a significant threat to users’ privacy, security, and data integrity. These malicious programs come in various forms, including viruses, Trojans, ransomware, spyware, and adware, and they can infiltrate devices through multiple vectors, such as app downloads, malicious websites, phishing attacks, and even system vulnerabilities.

checkpoint EN 2024 Rafel RAT Android Malware Ransomware Operations
Hackers phish finance orgs using trojanized Minesweeper clone https://www.bleepingcomputer.com/news/security/hackers-phish-finance-orgs-using-trojanized-minesweeper-clone/
01/06/2024 13:47:13
QRCode
archive.org
thumbnail

Hackers are utilizing code from a Python clone of Microsoft's venerable Minesweeper game to hide malicious scripts in attacks on European and US financial organizations.

bleepingcomputer EN 2024 Minesweeper RAT Remote-Access Remote-Access-Trojan Ukraine
RATs Distributed Through Skype, Zoom, & Google Meet Lures https://www.zscaler.com/blogs/security-research/android-and-windows-rats-distributed-online-meeting-lures
06/03/2024 06:41:27
QRCode
archive.org
thumbnail

Threat actors are creating and using fake Skype, Zoom, and Google Meet pages to spread RATs.

zscaler EN 2024 fake Skype Zoom meet RAT Lures
International Cybercrime Malware Service Dismantled by Federal Authorities: Key Malware Sales and Support Actors in Malta and Nigeria Charged in Federal Indictments https://www.justice.gov/opa/pr/international-cybercrime-malware-service-dismantled-federal-authorities-key-malware-sales
13/02/2024 09:18:37
QRCode
archive.org
thumbnail

The Justice Department announced today that, as part of an international law enforcement effort, federal authorities in Boston seized internet domains that were used to sell computer malware used by cybercriminals to secretly access and steal data from victims’ computers. Federal authorities in Atlanta and Boston also unsealed indictments charging individuals in Malta and Nigeria, respectively, for their alleged involvement in selling the malware and supporting cybercriminals seeking to use the malware for malicious purposes.

justice.gov US warzoneRAT FBI Dismantled RAT
BattleRoyal, DarkGate Cluster Spreads via Email and Fake Browser Updates https://www.proofpoint.com/us/blog/threat-insight/battleroyal-darkgate-cluster-spreads-email-and-fake-browser-updates
22/12/2023 16:15:49
QRCode
archive.org
thumbnail

Overview  Throughout the summer and fall of 2023, DarkGate entered the ring competing for the top spot in the remote access trojan (RAT) and loader category. It was observed in use by multiple cybe...

proofpoint EN 2023 BattleRoyal DarkGate RAT fake fake-updates RogueRaticate
AVrecon malware infects 70,000 Linux routers to build botnet https://www.bleepingcomputer.com/news/security/avrecon-malware-infects-70-000-linux-routers-to-build-botnet/
15/07/2023 13:59:09
QRCode
archive.org
thumbnail

Since at least May 2021, stealthy Linux malware called AVrecon was used to infect over 70,000 Linux-based small office/home office (SOHO) routers and add them to a botnet designed to steal bandwidth and provide a hidden residential proxy service.

bleepingcomputer EN 2023 AVrecon Botnet Linux Malware RAT Router
Rilide: A New Malicious Browser Extension for Stealing Cryptocurrencies https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/rilide-a-new-malicious-browser-extension-for-stealing-cryptocurrencies/
05/04/2023 08:59:27
QRCode
archive.org
thumbnail

Trustwave SpiderLabs uncovered a new strain of malware that it dubbed Rilide, which targets Chromium-based browsers such as Google Chrome, Microsoft Edge, Brave, and Opera.

trustwave c2023 EN Cryptocurrencies Rilide Stealer-Extension Chromium-based Browser RAT Ekipa Extension
Who’s Behind the NetWire Remote Access Trojan? https://krebsonsecurity.com/2023/03/whos-behind-the-netwire-remote-access-trojan/
10/03/2023 22:54:28
QRCode
archive.org

A Croatian national has been arrested for allegedly operating NetWire, a Remote Access Trojan (RAT) marketed on cybercrime forums since 2012 as a stealthy way to spy on infected systems and siphon passwords. The arrest coincided with a seizure of…

krebsonsecurity EN 2023 Croatian RAT NetWire arrested
Unattributed RomCom Threat Actor Spoofing Popular Apps Now Hits Ukrainian Militaries https://blogs.blackberry.com/en/2022/10/unattributed-romcom-threat-actor-spoofing-popular-apps-now-hits-ukrainian-militaries
24/10/2022 21:48:55
QRCode
archive.org
thumbnail

Threat actor RomCom RAT is now targeting Ukrainian military institutions. Known to deploy spoofed versions of popular software Advanced IP Scanner, once exposed, RomCom RAT switched to PDF Filler, another popular application, which indicates the group behind it is actively developing new capabilities.

blackberry EN 2022 Research Unattributed RomCom Advanced-IP-Scanner RAT
MAR-10365227-2.v1 HyperBro https://www.cisa.gov/uscert/ncas/analysis-reports/ar22-277b
05/10/2022 22:41:44
QRCode
archive.org

CISA analyzed 4 files associated with HyperBro malware. The files creates a backdoor program that is capable of uploading and downloading files to and from the system. The RAT is also capable of logging keystrokes and executing commands on the system.

uscert csirt cert CISA HyperBro malware Analysis RAT EN 2022
Webworm: Espionage Attackers Testing and Using Older Modified RATs https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/webworm-espionage-rats
15/09/2022 21:17:57
QRCode
archive.org
thumbnail

The attackers are working on a number of malware threats, some of which have been used in attacks while others are in pre-deployment or testing stages.
Symantec, by Broadcom Software, has gained insight into the current activities of a group we call Webworm. The group has developed customized versions of three older remote access Trojans (RATs), including Trochilus, Gh0st RAT, and 9002 RAT. At least one of the indicators of compromise (IOCs) observed by Symantec was used in an attack against an IT service provider operating in multiple Asian countries, while others appear to be in pre-deployment or testing stages.

symantec-enterprise-blogs.security EN 2022 Gh0st RAT 9002 older Trojans Trochilus
New Wave of Espionage Activity Targets Asian Governments https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/espionage-asia-governments
13/09/2022 20:06:10
QRCode
archive.org
thumbnail

Governments and state-owned organizations are the latest targets of a well-established threat actor.
A distinct group of espionage attackers who were formerly associated with the ShadowPad remote access Trojan (RAT) has adopted a new, diverse toolset to mount an ongoing campaign against a range of government and state-owned organizations in a number of Asian countries. The attacks, which have been underway since at least early 2021, appear to have intelligence gathering as their main goal.

symantec-enterprise-blogs EN 2022 ShadowPad RAT
MagicRAT: Lazarus’ latest gateway into victim networks https://blog.talosintelligence.com/2022/09/lazarus-magicrat.html
08/09/2022 23:21:24
QRCode
archive.org
thumbnail
  • Cisco Talos has discovered a new remote access trojan (RAT) we're calling "MagicRAT," developed and operated by the Lazarus APT group, which the U.S. government believes is a North Korean state-sponsored actor.
  • Lazarus deployed MagicRAT after the successful exploitation of vulnerabilities in VMWare Horizon platforms.
  • We've also found links between MagicRAT and another RAT known as "TigerRAT," disclosed and attributed to Lazarus by the Korean Internet & Security Agency (KISA) recently.
  • TigerRAT has evolved over the past year to include new functionalities that we illustrate in this blog.
talosintelligence EN 2022 MagicRAT Lazarus Lazarus-Group North-Korea TigerRAT RAT
SafeBreach Uncovers New Remote Access Trojan (RAT) https://www.safebreach.com/resources/blog/remote-access-trojan-coderat
06/09/2022 18:01:11
QRCode
archive.org
thumbnail

Dubbed CodeRAT, the new RAT is used in attacks targeting Farsi-speaking code developers using a Microsoft Dynamic Data Exchange (DDE) exploit.

safebreach 2022 EN CodeRAT RAT DDE Analysis
Fake DDoS Pages On WordPress Sites Lead to Drive-By-Downloads https://blog.sucuri.net/2022/08/fake-ddos-pages-on-wordpress-lead-to-drive-by-downloads.html
21/08/2022 10:37:25
QRCode
archive.org
thumbnail

We reveal how hackers have begun leveraging fake DDoS protection pages to trick users into downloading remote access trojans (RATs) onto their computers.

sucuri EN 2022 fake DDoS protection lure Wordpress RAT
Woody RAT: A new feature-rich malware spotted in the wild https://blog.malwarebytes.com/threat-intelligence/2022/08/woody-rat-a-new-feature-rich-malware-spotted-in-the-wild/
04/08/2022 12:35:11
QRCode
archive.org
thumbnail

The Malwarebytes Threat Intelligence team has discovered a new Remote Access Trojan that we dubbed Woody Rat used to target Russian entities.

malwarebytes EN 2022 Trojan Woody RAT WoodyRat Russia
From the Front Lines | Unsigned macOS oRAT Malware Gambles For The Win https://www.sentinelone.com/blog/from-the-front-lines-unsigned-macos-orat-malware-gambles-for-the-win/
09/05/2022 18:58:30
QRCode
archive.org
thumbnail

Researchers looking into a new APT group targeting gambling sites with a variety of cross-platform malware recently identified a version of oRAT malware targeting macOS users and written in Go. While neither RATs nor Go malware are uncommon on any platform, including the Mac, the development of such a tool by a previously unknown APT is an interesting turn, signifying the increasing need for threat actors to address the rising occurrence of Macs among their intended targets and victims. In this post, we dig deeper into the technical details of this novel RAT to understand better how it works and how security teams can detect it in their environments.

SentinelOne EN 2022 macos oRat Go APT RAT
page 1 / 2
4261 links
Shaarli - The personal, minimalist, super-fast, database free, bookmarking service par la communauté Shaarli - Theme by kalvn - Curated by Decio