cobalt strike
The Not-So-Secret Network Access Broker x999xx
Credit to Author: BrianKrebs| Date: Wed, 03 Jul 2024 16:41:34 +0000
Most accomplished cybercriminals go out of their way to separate their real names from their hacker handles. But among certain old-school Russian hackers it is not uncommon to find major players who have done little to prevent people from figuring out who they are in real life. A case study in this phenomenon is “x999xx,” the nickname chosen by a venerated Russian hacker who specializes in providing the initial network access to various ransomware groups.
Read moreConnectWise ScreenConnect attacks deliver malware
Credit to Author: Andrew Brandt| Date: Fri, 23 Feb 2024 10:40:38 +0000
Multiple attacks exploit vulnerabilities in an IT remote access tool to deliver a variety of different payloads into business environments
Read moreWarning issued over increased activity of TrueBot malware
Categories: News Categories: Ransomware Tags: TrueBot Tags: Cl0p Tags: Silence Group Tags: CVE-2022-31199 Tags: Raspberry Robin Tags: FlawedGrace Tags: Cobalt Strike Tags: Teleport CISA, the FBI, the MS-ISAC, and the CCCS have warned about increased activity of the TrueBot malware in the US and Canada. |
The post Warning issued over increased activity of TrueBot malware appeared first on Malwarebytes Labs.
Read moreThe Phantom Menace: Brute Ratel remains rare and targeted
Credit to Author: gallagherseanm| Date: Thu, 18 May 2023 11:00:58 +0000
The commercial attack tool’s use by bad actors has faded after an initial flurry, while Cobalt Strike remains the go-to post-exploitation tool for many.
Read moreUpdate now! GoAnywhere MFT zero-day patched
Categories: News Tags: GoAnywhere MFT Tags: managed file transfer Tags: Kevin Beaumont Tags: Brian Krebs Tags: emergency patch 7.1.2 Tags: Fortra Tags: Cobalt Strike Tags: Florian Hauser Tags: Code White A bug in GoAnywhere, a B2B management file transfer software, could lead to a serious supply chain attack if left unpatched. Update now! |
The post Update now! GoAnywhere MFT zero-day patched appeared first on Malwarebytes Labs.
Read moreSilence is golden partner for Truebot and Clop ransomware
Categories: News Categories: Ransomware Tags: Silence Tags: TA505 Tags: Clop ransomware Tags: Truebot Tags: Grace Tags: Cobalt Strike Tags: Teleport Tags: FIN11 Researchers have identified two new Truebot botnets that are using new versions of the Truebot downloader Trojan to infiltrate and explore a target’s network. |
The post Silence is golden partner for Truebot and Clop ransomware appeared first on Malwarebytes Labs.
Read moreA week in security (July 11 – July 17)
Credit to Author: Malwarebytes Labs| Date: Mon, 18 Jul 2022 10:22:29 +0000
The most important and interesting computer security stories from the last week.
The post A week in security (July 11 – July 17) appeared first on Malwarebytes Labs.
Read moreCobalt Strikes again: UAC-0056 continues to target Ukraine in its latest campaign
Credit to Author: Threat Intelligence Team| Date: Wed, 13 Jul 2022 16:17:09 +0000
While the war in Ukraine still rages, various threat actors continue to launch cyber attacks against its government entities. In this blog we review the latest campaign from the UAC-0056 threat group.
The post Cobalt Strikes again: UAC-0056 continues to target Ukraine in its latest campaign appeared first on Malwarebytes Labs.
Read moreTelerik UI exploitation leads to cryptominer, Cobalt Strike infections
Credit to Author: Matt Wixey| Date: Wed, 15 Jun 2022 11:00:05 +0000
Attacker targets bugs in a popular web application graphical interface development tool
Read more