Stolen certificates in two waves of ransomware and wiper attacks | Securelist
In this report, we compare the ROADSWEEP ransomware and ZEROCLEARE wiper versions used in two waves of attacks against Albanian government organizations.
CVE-2022-41040 and CVE-2022-41082 – zero-days in MS Exchange
At the end of September, GTSC reported the finding of two 0-day vulnerabilities in Microsoft Exchange Server, CVE-2022-41040 and CVE-2022-41082. The cybersecurity community dubbed the pair of vulnerabilities ProxyNotShell.
Zimperium zLabs has discovered a new Android threat campaign, the Schoolyard Bully Trojan, which has been active since 2018, has spread to over 300,000 victims, and specifically targets Facebook credentials. To learn more about this new threat, read more on our blog.
Malware on the Google Play store leads to harmful phishing sites
A family of malicious apps from developer Mobile apps Group is listed on Google Play and infected with Android/Trojan.HiddenAds.BTGTHB. In total, four apps are listed, and together they have amassed at least one million downloads. Older versions of these apps have been detected in the past as different variants of Android/Trojan.HiddenAds. Yet the developer is still on Google Play, dispensing its latest HiddenAds malware.
Malicious WhatsApp mod distributed through legitimate apps
The malicious version of the YoWhatsApp messenger, containing the Triada trojan, was spreading through ads in the popular Snaptube app and the Vidmate app's internal store.