Cyberveillecurated by Decio
Nuage de tags
Mur d'images
Quotidien
Flux RSS
  • Flux RSS
  • Daily Feed
  • Weekly Feed
  • Monthly Feed
Filtres

Liens par page

  • 20 links
  • 50 links
  • 100 links

Filtres

Untagged links
2 résultats taggé imitation  ✕
Malvertiser copies PC news site to deliver infostealer https://www.malwarebytes.com/blog/threat-intelligence/2023/11/malvertiser-copies-pc-news-site-to-deliver-infostealer
09/11/2023 18:35:14
QRCode
archive.org
thumbnail

Users looking to download a popular PC utility may be tricked in this campaign where a threat actor has registered a website that copies content from a PC and Windows news portal.

malwarebytes EN 2023 infostealer copies site imitation
Manjusaka: A Chinese sibling of Sliver and Cobalt Strike https://blog.talosintelligence.com/2022/08/manjusaka-offensive-framework.html
03/08/2022 15:35:19
QRCode
archive.org
thumbnail
  • Cisco Talos recently discovered a new attack framework called "Manjusaka" being used in the wild that has the potential to become prevalent across the threat landscape. This framework is advertised as an imitation of the Cobalt Strike framework.
  • The implants for the new malware family are written in the Rust language for Windows and Linux.
  • A fully functional version of the command and control (C2), written in GoLang with a User Interface in Simplified Chinese, is freely available and can generate new implants with custom configurations with ease, increasing the likelihood of wider adoption of this framework by malicious actors.
  • We recently discovered a campaign in the wild using lure documents themed around COVID-19 and the Haixi Mongol and Tibetan Autonomous Prefecture, Qinghai Province. These maldocs ultimately led to the delivery of Cobalt Strike beacons on infected endpoints.
  • We have observed the same threat actor using the Cobalt Strike beacon and implants from the Manjusaka framework.
talosintelligence EN 2022 manjusaka CobaltStrike framework imitation C2
4472 links
Shaarli - The personal, minimalist, super-fast, database free, bookmarking service par la communauté Shaarli - Theme by kalvn - Curated by Decio