This attack begins with victims unknowingly downloading a malicious ZIP archive containing an installer file that sideloads a malicious DLL. This DLL...
One of my hunting rules hit on potentially malicious PowerShell code. The file was an MSI package (not an MSIX, these are well-known to execute malicious scripts[1]). This file was a good old OLE package:
A recent advanced malware campaign leverages a phishing attack to deliver a seemingly benign Excel file that exploits CVE-2017-0199. By exploiting...
In August 2024, researchers detected a malicious Google Chrome browser infection that led to the distribution of LummaC2 stealer malware that utilized...
RCE attacks on WhatsUp Gold exploited the Active Monitor PowerShell Script to execute malicious code, as the vulnerabilities CVE-2024-6670 and...
Malware disguising itself as the authentic Palo Alto GlobalProtect Tool is employed by malicious actors to target Middle Eastern firms. This...
A new Android malware called Trojan Ajina.Banker is targeting Central Asia – Discover how this malicious malware disguises…