Tag: rat
-
Webcams and DVRs Vulnerable to HiatusRAT, FBI Warns
by
in SecurityNewsThe FBI has issued a warning about the Hiatus RAT malware targeting Xiongmai and Hikvision web cameras and DVRs, urging users isolate these devices from networks First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/webcams-vulnerable-hiatusrat-fbi/
-
Neue Angriffskette von TA397 verbreitet Spionage-RATs
by
in SecurityNewsDie Security-Experten von Proofpoint haben einen neuen Angriff der APT-Gruppe TA397 (auch unter dem Namen ‘Bitter” bekannt) näher analysiert. Die untersuchte Attacke richtete sich gegen eine Organisation aus der türkischen Rüstungsbranche und fand im November 2024 statt. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/neue-angriffskette-von-ta397-verbreitet-spionage-rats
-
Microsoft Teams Vishing Spreads DarkGate RAT
A thwarted attack demonstrates that threat actors using yet another delivery method for the malware, which already has been spread using phishing emails, malvertising, hijacking of instant messages, and SEO poisoning. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/vishing-via-microsoft-teams-spreads-darkgate-rat
-
Remcos RAT Malware Evolves with New Techniques
Cyber-attacks involving Remcos RAT surged in Q3 2024, enabling attackers to control victim machines remotely, steal data and carry out espionage First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/remcos-rat-malware-evolves-new/
-
Hackers Target Android Users via WhatsApp to Steal Sensitive Data
Researchers analyzed a malicious Android sample created using Spynote RAT, targeting high-value assets in Southern Asia, which, likely deployed by an unknown threat actor, aims to compromise sensitive information. Although the target’s precise location and nature have not been disclosed, its high-value nature suggests that advanced persistent threat (APT) groups may be interested in it. …
-
SpyNote RAT Targets High-Value Individuals in Southern Asia
by
in SecurityNewsCybersecurity researchers at CYFIRMA have uncovered a sophisticated cyberattack targeting high-value individuals in Southern Asia. Leveraging the SpyNote Remote Administration Tool (RAT), an unknown threat actor designed a malicious Android... First seen on securityonline.info Jump to article: securityonline.info/spynote-rat-targets-high-value-individuals-in-southern-asia/
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 23
by
in SecurityNewsSecurity Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. SmokeLoader Attack Targets Companies in Taiwan LogoFAIL Exploited to Deploy Bootkitty, the first UEFI bootkit for Linux Horns&Hooves campaign delivers NetSupport RAT and BurnsRAT DroidBot: Insights from a new Turkish MaaS fraud operation RedLine, A […]…
-
New DroidBot Android Spyware Targeting Banking and Crypto Users
DroidBot, a sophisticated Android RAT, is targeting individuals and financial institutions across Europe. First seen on hackread.com Jump to article: hackread.com/droidbot-android-spyware-hit-banking-crypto-users/
-
This $3,000 Android Trojan Targeting Banks and Cryptocurrency Exchanges
by
in SecurityNewsAs many as 77 banking institutions, cryptocurrency exchanges, and national organizations have become the target of a newly discovered Android remote access trojan (RAT) called DroidBot.”DroidBot is a modern RAT that combines hidden VNC and overlay attack techniques with spyware-like capabilities, such as keylogging and user interface monitoring,” Cleafy researchers Simone Mattia, Alessandro First seen…
-
Widespread RAT compromise via bogus emails, JavaScript payloads detailed
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/widespread-rat-compromise-via-bogus-emails-javascript-payloads-detailed
-
‘Horns&Hooves’ Malware Campaign Hits Over 1,000 Victims
Russian Threat Actor Delivers NetSupport RAT, BurnsRAT via Fake Requests. A malware campaign targeting Russian retailers and service businesses aims to deploy remote access tools and install infostealer malware. Kaspersky dubbed the campaign Horns&Hooves, after a fake organization set up by fraudsters in the 1931 Soviet satirical novel The Little Golden Calf. First seen on…
-
ElizaRAT Exploits Google, Telegram, Slack Services For C2 Communications
by
in SecurityNewsAPT36, a Pakistani cyber-espionage group, has recently upgraded its arsenal with ElizaRAT, a sophisticated Windows RAT that, initially detected in 2023, employs advanced evasion tactics and robust C2 capabilities to target Indian government agencies, diplomatic personnel, and military installations. The group leverages multiple platforms, including Windows, Linux, and Android, to broaden its attack surface as…
-
Horns&Hooves Campaign Delivers RATs via Fake Emails and JavaScript Payloads
A newly discovered malware campaign has been found to target private users, retailers, and service businesses mainly located in Russia to deliver NetSupport RAT and BurnsRAT.The campaign, dubbed Horns&Hooves by Kaspersky, has hit more than 1,000 victims since it began around March 2023. The end goal of these attacks is to leverage the access afforded…
-
Check Point entdeckt neue Verbreitungsmethode von RAT Remcos
by
in SecurityNewsCheck Points Ransomware Index beleuchtet Erkenntnisse von sogenannten Ransomware Shame Sites. Diese werden von Ransomware-Gruppen betrieben, die mit D… First seen on infopoint-security.de Jump to article: www.infopoint-security.de/check-point-entdeckt-neue-verbreitungsmethode-von-rat-remcos/a37059/
-
Check Point deckt Android-Malware Rafel RAT auf
by
in SecurityNewsDie Entdeckung von Rafel RAT zeigt, wie vielseitig und gefährlich Android-Malware sein kann und unterstreicht die Notwendigkeit ständiger Wachsamkeit … First seen on infopoint-security.de Jump to article: www.infopoint-security.de/check-point-deckt-android-malware-rafel-rat-auf/a37641/
-
Cloudy With a Chance of RATs: Unveiling APT36 and the Evolution of ElizaRAT
by
in SecurityNewsntroduction APT36, also known as Transparent Tribe, is a Pakistan-basedthreat actor notorious for persistently targeting Indian government organizatio… First seen on research.checkpoint.com Jump to article: research.checkpoint.com/2024/the-evolution-of-transparent-tribes-new-malware/
-
Chinese APT Hackers Using Multiple Tools And Vulnerabilities To Attack Telecom Orgs
by
in SecurityNews
Tags: apt, attack, backdoor, china, control, cyber, exploit, government, group, hacker, infrastructure, rat, tool, vulnerabilityEarth Estries, a Chinese APT group, has been actively targeting critical sectors like telecommunications and government entities since 2023. They employ advanced techniques, including exploiting vulnerabilities, lateral movement, and deploying multiple backdoors like GHOSTSPIDER, SNAPPYBEE, and MASOL RAT, which have impacted Southeast Asia significantly. The group makes use of a sophisticated command and control infrastructure…
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 20
by
in SecurityNewsSecurity Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. New Campaign Uses Remcos RAT to Exploit Victims Bengal cat lovers in Australia get psspsspss’d in Google-driven…
-
Russian Hackers Exploit New NTLM Flaw to Deploy RAT Malware via Phishing Emails
by
in SecurityNewsA newly patched security flaw impacting Windows NT LAN Manager (NTLM) was exploited as a zero-day by a suspected Russia-linked actor as part of cyber attacks targeting Ukraine.The vulnerability in question, CVE-2024-43451 (CVSS score: 6.5), refers to an NTLM hash disclosure spoofing vulnerability that could be exploited to steal a user’s NTLMv2 hash. It was…
-
‘Top 10’ malware strain, Remcos RAT, now exploiting Microsoft Excel files
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/news/excel-doc-loaded-with-remcos-rat-lets-attackers-gain-backdoor-access
-
Remcos RAT Now Exploiting Microsoft Excel Files
by
in SecurityNewsFirst seen on packetstormsecurity.com Jump to article: packetstormsecurity.com/news/view/36584/Remcos-RAT-Now-Exploiting-Microsoft-Excel-Files.html
-
Revamped Remcos RAT Deployed Against Microsoft Windows Users
by
in SecurityNews
Tags: exploit, malicious, microsoft, office, rat, remote-code-execution, risk, tool, vulnerability, windowsWindows users are at risk for full device takeover by an emerging malicious version of the Remcos remote admin tool, which is being used in an ongoing campaign exploiting a known remote code execution (RCE) vulnerability in Microsoft Office and WordPad. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/revamped-remcos-rat-microsoft-windows-users
-
New Remcos RAT Variant Targets Windows Users Via Phishing
The new Remcos RAT variant identified in a new phishing campaign exploits CVE-2017-0199 via malicious Excel files First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/remcos-rat-variant-targets-windows/
-
A new fileless variant of Remcos RAT observed in the wild
Fortinet researchers discovered a new phishing campaign spreading a variant of the commercial malware Remcos RAT. Fortinet’s FortiGuard Labs recently uncovered a phishing campaign spreading a new variant of the Remcos RAT. Remcos is a commercial remote administration tool (RAT) that is sold online to allow buyers remote control over computers. Threat actors use Remcos…
-
Cybercriminals Use Excel Exploit to Spread Fileless Remcos RAT Malware
by
in SecurityNews
Tags: computer, control, cybercrime, cybersecurity, exploit, fortinet, malware, phishing, rat, threatCybersecurity researchers have discovered a new phishing campaign that spreads a new fileless variant of known commercial malware called Remcos RAT.Remcos RAT “provides purchases with a wide range of advanced features to remotely control computers belonging to the buyer,” Fortinet FortiGuard Labs researcher Xiaopeng Zhang said in an analysis published last week.”However, threat actors have…
-
Hackers Use Excel Files to Deliver Remcos RAT Variant on Windows
by
in SecurityNewsThis article explains the inner workings of the Remcos RAT, a dangerous malware that uses advanced techniques to… First seen on hackread.com Jump to article: hackread.com/hackers-use-excel-files-remcos-rat-variant-windows/
-
Pakistani Hackers Targeted High-Profile Indian Entities using Custom RAT
by
in SecurityNewsFirst seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/pakistan-hackers-high-profile/