Malware analysis

APT36 Hackers Attacking Windows Deevices With ElizaRAT

APT36, a sophisticated threat actor, has been actively targeting Indian entities with advanced malware like ElizaRAT, which is designed for…

7 days ago

LummaC2 Stealer Leverages Customized Control Flow Indirection For Execution

The LummaC2 obfuscator employs a novel control flow protection scheme designed specifically for its stealer component, which is part of…

2 months ago

Threat Actors Using New Malware Toolkit That Involves IIS Backdoor, DNS Tunneling

The Iranian threat actor APT34, also known as GreenBug, has recently launched a new campaign targeting Iraqi government entities by…

2 months ago

New Custom Malware “Tickler” Attack Satellite Devices

Microsoft identified a new custom multi-stage backdoor, "Tickler," deployed by the Iranian state-sponsored threat actor Peach Sandstorm between April and…

2 months ago

Pootry EDR Killer Malware Wipes Out Security Tools From Windows Machine

Windows drivers can be abused to bypass security measures. Attackers can exploit vulnerabilities in legitimate drivers or use stolen or…

3 months ago

Hackers Toolkit Unveiled, Comprehensive Tools For Various Cyber Attacks

Hackers always keep updating their tools and add new ones to adapt to evolving security measures, bypass defenses, and exploit…

3 months ago

New APT Actor240524 Weaponizing Official Documents To Deliver Malware

A new APT group, dubbed Actor240524, launched a spear-phishing campaign targeting Azerbaijani and Israeli diplomats on July 1, 2024, where…

3 months ago

Beware Of Fake Browser Updates That Installs Malicious BOINC Infrastructre

SocGholish malware, also known as FakeUpdates, has exhibited new behavior since July 4th, 2024, as the infection chain still begins…

4 months ago

New Poco RAT Weaponizing 7zip Files Using Google Drive

The hackers weaponize 7zip files to pass through security measures and deliver malware effectively. These archived files can hide malicious…

4 months ago

New ShadowRoot Ransomware Attacking Business Via Weaponized PDF’s

X-Labs identified basic ransomware targeting Turkish businesses, delivered via PDF attachments in suspicious emails from the internet[.]ru domain.  PDF links…

4 months ago