#EN #2024 #en #Tool

Unidentified Threat Actor Utilizes Android Malware to Target High-Value Assets in South Asia

The team at CYFIRMA analyzed a malicious Android sample designed to target high-value assets in Southern Asia. This sample, attributed to an unknown threat actor, was generated using the Spynote Remote Administration Tool. While the specifics of the targeted asset remain confidential, it is likely that such a target would attract the interest of APT groups. However, we are restricted from disclosing further details about the actual target and its specific region. For a comprehensive analysis, please refer to the detailed report

#cyfirma #EN #2024 #Unidentified #Threat #Actor #Malware #research #Android #Spynote #Remote #Administration #Tool

·cyfirma.com·Dec 9, 2024

Unidentified Threat Actor Utilizes Android Malware to Target High-Value Assets in South Asia

SmokeBuster Tool

ThreatLabz has developed a tool named SmokeBuster to detect, analyze, and remediate infections. SmokeBuster supports 32-bit and 64-bit instances of SmokeLoader and versions 2017-2022. The tool is compatible with Windows 7 to Windows 11. SmokeLoader is a malware downloader that originated in 2011. The malware is primarily designed to deliver second-stage payloads, which include information stealers and ransomware. Despite a major disruption by Operation Endgame in May 2024, SmokeLoader continues to be used by numerous threat groups largely due to numerous cracked versions publicly available on the internet. The last four versions of SmokeLoader contain coding flaws that significantly impact an infected system’s performance.

#zscaler #EN #2024 #tool #SmokeBuster #SmokeLoader #Operation-Endgame

·zscaler.com·Nov 4, 2024

SmokeBuster Tool

Cybercriminals Transform Raspberry Pi into a Tool for Fraud and Anonymization: GEOBOX Discovery

#resecurity #EN #2024 #Raspberry-Pi #GEOBOX #analysis #tool #Fraud #Anonymization

·resecurity.com·Mar 29, 2024

Cybercriminals Transform Raspberry Pi into a Tool for Fraud and Anonymization: GEOBOX Discovery

Microsoft Copilot for Security: General Availability details

Microsoft Copilot for Security will be generally available on April 1st. Read this blog to learn about new productivity research, product capabilities,..

#techcommunity.microsoft #EN #2024 #AI #Microsoft #Copilot #for #Security #annonce #tool

·techcommunity.microsoft.com·Mar 20, 2024

Microsoft Copilot for Security: General Availability details

Mail in the middle – a tool to automate spear phishing campaigns

The idea is simple; take advantage of the typos that people make when they enter email addresses. If we positioned ourselves in between the sender of an email (be it a person or a system) and the legitimate recipient, we may be able to capture plenty of information about the business, including personally identifiable information, email verification processes, etc. This scenario is effectively a Person-in-the-Middle (PiTM), but for email communications.

#Orange-Cyberdefence #sensepost #2024 #EN #Typosquatting #tool #mail #domain

·sensepost.com·Mar 3, 2024

Mail in the middle – a tool to automate spear phishing campaigns

Avast Updates Babuk Ransomware Decryptor in Cooperation with Cisco Talos and Dutch Police

Avast is releasing an updated version of the Avast Babuk decryption tool, capable of restoring files encrypted by the Babuk variant called Tortilla.

#avast #EN #2024 #Babuk #decryption #tool #Tortilla

·decoded.avast.io·Jan 9, 2024

Avast Updates Babuk Ransomware Decryptor in Cooperation with Cisco Talos and Dutch Police