Sign in Subscribe

Malware

Godzilla Fileless Backdoor Exploits CVE-2023-22527 in Atlassian Confluence

Godzilla Fileless Backdoor Exploits CVE-2023-22527 in Atlassian Confluence

The Godzilla webshell, a Chinese-language malware, leverages AES encryption to evade detection and remains memory-resident, making it particularly challenging for legacy anti-virus solutions to detect.

Threat Actors Target Middle Eastern Organizations with Fake Palo Alto GlobalProtect Tool

Threat Actors Target Middle Eastern Organizations with Fake Palo Alto GlobalProtect Tool

The malware, disguised as the Palo Alto GlobalProtect tool, employs a multi-stage infection process and advanced command-and-control (C&C) infrastructure, posing significant risks to the affected entities.

RansomHub Ransomware: Emerging Threat and Mitigation Strategies

RansomHub Ransomware: Emerging Threat and Mitigation Strategies

RansomHub ransomware has quickly gained notoriety since its inception in February 2024. The advisory disseminates known indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) associated with RansomHub

Iranian State-Backed Group Deploys Custom Malware in Ongoing Intelligence Operations

Iranian State-Backed Group Deploys Custom Malware in Ongoing Intelligence Operations

The group targeted sectors including satellite, communications, oil and gas, as well as federal and state governments in the United States and the UAE between April and July 2024. This activity represents a significant evolution in Peach Sandstorm’s ongoing intelligence-gathering operations.

Operation Oxidový: Czech Military Targeted by NATO-Themed Malware Campaign

Operation Oxidový: Czech Military Targeted by NATO-Themed Malware Campaign

a sophisticated malware campaign targeting the Czech Republic's government and military officials. Known as "Operation Oxidový," the campaign leverages NATO-themed decoys to infiltrate and compromise sensitive systems.

Unraveling AsyncRAT: A Deep Dive into Phishing Email Threats

Unraveling AsyncRAT: A Deep Dive into Phishing Email Threats

On August 29, 2024, eSentire’s Threat Response Unit (TRU) released a bulletin detailing a recent investigation into an AsyncRAT infection delivered through phishing emails.

Advanced Persistent Threat Targets Vietnamese Human Rights Defenders with Sophisticated Malware Campaign

Advanced Persistent Threat Targets Vietnamese Human Rights Defenders with Sophisticated Malware Campaign

On August 28, 2024, cybersecurity firm Huntress released a detailed report uncovering a prolonged and sophisticated cyber espionage campaign targeting Vietnamese human rights defenders. The intrusion, believed to have been ongoing for at least four years