PIKABOT, I choose you!
Elastic Security Labs observed new PIKABOT campaigns, including an updated version. PIKABOT is a widely deployed loader malicious actors utilize to distribute additional payloads.
New Go-based Malware Loader Discovered I Arctic Wolf
Arctic Wolf Labs has discovered, based on recent intrusion observations, a new Go-based malware loader named CherryLoader
Loader activity for Formbook "QM18"
Loader activity for Formbook "QM18", Author: Brad Duncan
Bumblebee: increasing its capacity and evolving its TTPs
The spring of 2022 saw a spike in activity of Bumblebee loader, a recent threat that has garnered a lot of attention due to its many links to several well-known malware families.
Bumblebee: increasing its capacity and evolving its TTPs
The spring of 2022 saw a spike in activity of Bumblebee loader, a recent threat that has garnered a lot of attention due to its many links to several well-known malware families.
THREAT ANALYSIS REPORT: Bumblebee Loader – The High Road to Enterprise Domain Control
Cybereason GSOC observed distribution of the Bumblebee Loader and post-exploitation activities including privilege escalation, reconnaissance and credential theft. Bumblebee operators use the Cobalt Strike framework throughout the attack and abuse credentials for privilege escalation to access Active Directory, as well as abusing a domain administrator account to move laterally, create local user accounts and exfiltrate data...
THREAT ANALYSIS REPORT: Bumblebee Loader – The High Road to Enterprise Domain Control
Cybereason GSOC observed distribution of the Bumblebee Loader and post-exploitation activities including privilege escalation, reconnaissance and credential theft. Bumblebee operators use the Cobalt Strike framework throughout the attack and abuse credentials for privilege escalation to access Active Directory, as well as abusing a domain administrator account to move laterally, create local user accounts and exfiltrate data...
THREAT ANALYSIS REPORT: Bumblebee Loader – The High Road to Enterprise Domain Control
Cybereason GSOC observed distribution of the Bumblebee Loader and post-exploitation activities including privilege escalation, reconnaissance and credential theft. Bumblebee operators use the Cobalt Strike framework throughout the attack and abuse credentials for privilege escalation to access Active Directory, as well as abusing a domain administrator account to move laterally, create local user accounts and exfiltrate data...
SVCReady: A New Loader Gets Ready
Don’t let cyber threats get the best of you. Read our post, SVCReady: A New Loader Gets Ready, to learn more about cyber threats and cyber security.
SVCReady: A New Loader Gets Ready
Don’t let cyber threats get the best of you. Read our post, SVCReady: A New Loader Gets Ready, to learn more about cyber threats and cyber security.
SVCReady: A New Loader Gets Ready
Don’t let cyber threats get the best of you. Read our post, SVCReady: A New Loader Gets Ready, to learn more about cyber threats and cyber security.