Cyberveille by Decio
7 results tagged infostealer
Darth Vidar: The Dark Side of Evolving Threat Infrastructure https://www.team-cymru.com/post/darth-vidar-the-dark-side-of-evolving-threat-infrastructure
23/01/2023 13:04:53

Summary: Three key takeaways from our analysis of Vidar infrastructure: Russian VPN gateways are potentially providing anonymity for Vidar operators / customers, making it more challenging for analysts to have a complete overview of this threat. These gateways now appear to be migrating to Tor. Vidar operators appear to be expanding their infrastructure, so analysts need to keep them in their sights. We expect a new wave of customers and as a result, an increase of campaigns in the upcoming weeks.

team-cymru EN 2023 Vidar infostealer analysis threat infrastructure VPN
An infostealer comes to town: Dissecting a highly evasive malware targeting Italy https://blog.cluster25.duskrise.com/2022/12/22/an-infostealer-comes-to-town
23/12/2022 22:35:26

Cluster25 researchers analyzed several campaigns (also publicly reported by CERT-AGID) that used phishing emails to spread an InfoStealer malware written in .NET through an infection chain that involves Windows Shortcut (LNK) files and Batch Scripts (BAT). Taking into account the used TTPs and extracted evidence, the attacks seem perpetrated by the same adversary (internally named AUI001).

cluster25 EN 2022 infostealer Italy phishing Campaigns analysis Alibaba2044 IoCs
Detecting and Fingerprinting Infostealer Malware-as-a-Service platforms https://blog.bushidotoken.net/2022/11/detecting-and-fingerprinting.html
27/11/2022 17:18:47

Cyber threat intelligence largely involves the tracking and studying of the adversaries outside of your network. Gaining counterintelligence about your adversaries' capabilities and weaponry is one of the final building blocks for managing a strong cyber defense. In the pursuit of performing this duty, I have been studying how to discover adversary infrastructure on the internet. One good way of doing this has been via leveraging the scan data available through the popular Shodan search engine. If you've not used it before, Shodan periodically scans the entire internet and makes it available for users to query through. It is often used to monitor networks, look for vulnerabilities, and ensure the security of an organization's perimeter.

bushidotoken en 2022 shodan Infostealer Malware-as-a-Service Detecting howto
Aurora: a rising stealer flying under the radar https://blog.sekoia.io/aurora-a-rising-stealer-flying-under-the-radar/
21/11/2022 20:56:10

Since September 2022, Aurora malware is advertised as an infostealer and several traffers teams announced they added it to their malware toolset.

sekoia 2022 EN infostealer malware technical analysis IoCs Malware-as-a-Service
New PHP Variant of Ducktail Infostealer Targeting Facebook Business Accounts https://www.zscaler.com/blogs/security-research/new-php-variant-ducktail-infostealer-targeting-facebook-business-accounts
14/10/2022 13:45:07

ThreatLabz has discovered, hiding in app stores, a PHP variant of the Ducktail infostealer used to hijack Facebook Business accounts.

zscaler EN 2022 Ducktail Facebook Infostealer Analysis
PyPI Phishing Campaign | JuiceLedger Threat Actor Pivots From Fake Apps to Supply Chain Attacks https://www.sentinelone.com/labs/pypi-phishing-campaign-juiceledger-threat-actor-pivots-from-fake-apps-to-supply-chain-attacks/
03/09/2022 11:24:16

A new threat actor is spreading infostealer malware through targeted attacks on developers and fraudulent cryptotrading applications.

sentinelone EN 2022 PyPI JuiceLedger infostealer malware ANALYSIS
Dissecting Saintstealer https://blog.cyble.com/2022/04/27/dissecting-saintstealer/
10/05/2022 15:09:32

Cyble Analyzes Saintstealer, an infostealer using a C&C server with known links to other popular infostealers.

Cyble 2022 EN Saintstealer infostealer
1033 links
Shaarli - The personal, minimalist, database-free bookmark manager by the Shaarli community - Theme by kalvn - Curated by Decio