Unidentified Threat Actor Utilizes Android Malware to Target High-Value Assets in South Asia
The team at CYFIRMA analyzed a malicious Android sample designed to target high-value assets in Southern Asia. This sample, attributed to an unknown threat actor, was generated using the Spynote Remote Administration Tool. While the specifics of the targeted asset remain confidential, it is likely that such a target would attract the interest of APT groups. However, we are restricted from disclosing further details about the actual target and its specific region. For a comprehensive analysis, please refer to the detailed report
·cyfirma.com·
When Guardians Become Predators: How Malware Corrupts the Protectors
We often trust our security software to stand as an unbreakable wall against malware and attacks, but what happens when that very wall is weaponized against us? Our Trellix Advanced Research Center team recently uncovered a malicious campaign that does just that. Instead of bypassing defenses, this malware takes a more sinister route: it drops a legitimate Avast Anti-Rootkit driver (aswArPot.sys) and manipulates it to carry out its destructive agenda. The malware exploits the deep access provided by the driver to terminate security processes, disable protective software, and seize control of the infected system.
·trellix.com·
A Dive into Earth Baku’s Latest Campaign
Since late 2022, Earth Baku has broadened its scope from the Indo-Pacific region to Europe, the Middle East, and Africa. Their latest operations demonstrate sophisticated techniques, such as exploiting public-facing applications like IIS servers for initial access and deploying the Godzilla webshell for command and control.
·trendmicro.com·