Found 3 bookmarks
Custom sorting
Unidentified Threat Actor Utilizes Android Malware to Target High-Value Assets in South Asia
Unidentified Threat Actor Utilizes Android Malware to Target High-Value Assets in South Asia
The team at CYFIRMA analyzed a malicious Android sample designed to target high-value assets in Southern Asia. This sample, attributed to an unknown threat actor, was generated using the Spynote Remote Administration Tool. While the specifics of the targeted asset remain confidential, it is likely that such a target would attract the interest of APT groups. However, we are restricted from disclosing further details about the actual target and its specific region. For a comprehensive analysis, please refer to the detailed report
#cyfirma#EN#2024#Unidentified#Threat#Actor#Malware#research#Android#Spynote#Remote#Administration#Tool
·cyfirma.com·
Unidentified Threat Actor Utilizes Android Malware to Target High-Value Assets in South Asia
Nighthawk: An Up-and-Coming Pentest Tool Likely to Gain Threat Actor Notice | Proofpoint US
Nighthawk: An Up-and-Coming Pentest Tool Likely to Gain Threat Actor Notice | Proofpoint US
Key Takeaways * Nighthawk is an advanced C2 framework intended for red team operations through commercial licensing. * Proofpoint researchers observed initial use of the framework in September 2022 by a likely red team. * We have seen no indications at this time that leaked versions of Nighthawk are being used by attributed threat actors in the wild. * The tool has a robust list of configurable evasion techniques that are referenced as “opsec” functions throughout its code. P* roofpoint researchers expect Nighthawk will show up in threat actor campaigns as the tool becomes more widely recognized or as threat actors search for new, more capable tools to use against targets.
#proofpoint#EN#2022#redteam#tool#Nighthawk#C2#framework#threat
·proofpoint.com·
Nighthawk: An Up-and-Coming Pentest Tool Likely to Gain Threat Actor Notice | Proofpoint US
Nighthawk: An Up-and-Coming Pentest Tool Likely to Gain Threat Actor Notice | Proofpoint US
Nighthawk: An Up-and-Coming Pentest Tool Likely to Gain Threat Actor Notice | Proofpoint US
Key Takeaways * Nighthawk is an advanced C2 framework intended for red team operations through commercial licensing. * Proofpoint researchers observed initial use of the framework in September 2022 by a likely red team. * We have seen no indications at this time that leaked versions of Nighthawk are being used by attributed threat actors in the wild. * The tool has a robust list of configurable evasion techniques that are referenced as “opsec” functions throughout its code. P* roofpoint researchers expect Nighthawk will show up in threat actor campaigns as the tool becomes more widely recognized or as threat actors search for new, more capable tools to use against targets.
#proofpoint#EN#2022#redteam#tool#Nighthawk#C2#framework#threat
·proofpoint.com·
Nighthawk: An Up-and-Coming Pentest Tool Likely to Gain Threat Actor Notice | Proofpoint US