Lazarus Strikes with WinorDLL64 Backdoor Discovered in Wslink Malware Loader
Attack Report. Summary: A newly discovered backdoor named WinorDLL64 seems to be associated with the malware downloader Wslink. This revelation suggests that Lazarus, the notorious North Korea-aligned group, may have employed this tool. WinorDLL64 …
Exploiting ChatGPT’s Popularity for Malware Distribution
Attack Report. Summary: The attack on ChatGPT involved the exploitation of its widespread usage to distribute malware and carry out various cyber-attacks, including phishing and typosquatting. …
New Attack Group Clasiopa Targets Materials Research Organization in Asia with Custom Malware
Actor Report. Summary: A new attack group called Clasiopa has been observed targeting materials research organizations in Asia using a distinct toolset that includes a custom malware called Backdoor.Atharvan. It is unclear where Clasiopa …
Icarus a Versatile Infostealer with Rootkit and hVNC Capabilities
Attack Report. Summary: The Icarus Stealer malware is equipped with a Hidden Virtual Network Computing (hVNC) feature, which enables the attacker to generate a concealed desktop and traverse the compromised system without any contact …
Newly Identified Threat Actor Hydrochasma Targets Shipping Companies and Medical Laboratories in Asia
Actor Report. Summary: Hydrochasma is a newly identified threat actor that has been targeting shipping companies and medical laboratories in Asia since October 2022. This group’s primary focus appears to be on intelligence gathering, …
HardBit Ransomware: A Threatening Cyber Attack Targeting Organizations with New Version 2.0
Attack Report. Summary: HardBit is a ransomware strain that focuses on extorting cryptocurrency payments from organizations in exchange for data decryption. It first emerged in October 2022, and a newer version, HardBit 2.0, surfaced …
Injection vulnerability in VMware Carbon Black App Control
Vulnerability Report. Summary: There is an injection vulnerability in VMware, specifically in the Carbon Black App Control product. If a malicious actor, who has privileged access to the App Control administration console, utilizes specially …
DarkCloud Stealer: A Multi-Stage Malware That Pilfers Sensitive Data
Attack Report. Summary: DarkCloud Stealer is a type of malware distributed worldwide through spam operations and designed to pilfer sensitive information from a victim’s device. The sale of DarkCloud Stealer was reported in January …
Mylobot: A Sophisticated Botnet Malware Targeting Computers Worldwide
Attack Report. Summary: Mylobot is Windows-targeting malware that was first discovered in 2017. It has not received much attention since then, but it is noteworthy for its ability to transform the infected system …
WIP26 attacks Middle Eastern telecom service providers
Actor Report. Summary: The newly discovered WIP26 threat cluster is an espionage-focused group that has been concentrating on infiltrating Middle Eastern telecom companies. To evade detection, the group heavily relies on public cloud infrastructure …