North Korean Hackers Abuse GitHub to Spy on South Korean Firms
Researchers from FortiGuard Labs have uncovered a high-severity spying campaign targeting South Korean companies. Discover how North Korean…
powershell
Attackers use Windows App-V scripts to slip infostealer past enterprise defenses
A malware delivery campaign detailed by Blackpoint researchers employs an impressive array of tricks to deliver an infostealer to employees without triggering enterprise defenses or close examination by security researchers. The attackers aim to get th…
Cloud Atlas activity in the first half of 2025: what changed
Kaspersky expert describes new malicious tools employed by the Cloud Atlas APT, including implants of their signature backdoors VBShower, VBCloud, PowerShower, and CloudAtlas.
New ClickFix Attack Uses Fake Browser Fix to Install DarkGate Malware
Researchers at Point Wild have discovered a new ClickFix attack campaign that tricks users into manually installing DarkGate malware via fake browser extension alerts. Learn how this attack bypasses security by using the Windows Run box and how you can…
Operation ForumTroll continues: Russian political scientists targeted using plagiarism reports
Kaspersky’s GReAT experts have uncovered a new wave of cyberattacks by the ForumTroll APT group, targeting Russian political scientists and delivering the Tuoni framework to their devices.
New JS#SMUGGLER Campaign Drops NetSupport RAT Through Infected Sites
Securonix Threat Research details the complex JS#SMUGGLER campaign, a three-step web attack using obfuscated JavaScript and hidden HTA files to install the NetSupport RAT on user Windows desktops, granting hackers full remote control and persistent acc…
Malicious ZIP Files Use Windows Shortcuts to Drop Malware
Cybersecurity firm Blackpoint Cyber reveals a new spear phishing campaign targeting executives. Learn how attackers use fraudulent document ZIPs containing malicious shortcut files, leveraging ‘living off the land’ tactics, and a unique Anti-Virus chec…
Malware Campaign Leverages SVGs, Email Attachments, and CDNs to Drop XWorm and Remcos via BAT Scripts
Table of Content: Introduction Infection Chain Process Tree Campaign 1: – Persistence – BATCH files – PowerShell script – Loader – Xworm/Remcos Campaign 2 Conclusion IOCS Detections MITRE ATTACK TTPs Introduction: Recent threat campaigns have revealed an evolving use of BAT-based loaders to deliver Remote Access Trojans, including XWorm and Remcos. These campaigns often begin […]
The post Malware Campaign Leverages SVGs, Email Attachments, and CDNs to Drop XWorm and Remcos via BAT Scripts appeared first on Blogs on Information Technology, Network & Cybersecurity | Seqrite.
NoisyBear Exploits ZIP Files for PowerShell Loaders and Data Exfiltration
The threat actor known as NoisyBear has launched a sophisticated cyber-espionage effort called Operation BarrelFire, using specially designed phishing lures that imitate internal correspondence to target Kazakhstan’s energy sector, particularly w…
New Malware Uses Windows Character Map for Cryptomining
Darktrace reports new malware hijacking Windows Character Map for cryptomining, exposing risks of hidden attacks in everyday software…