Mind the (air) gap: GoldenJackal gooses government guardrails
ESET Research analyzed two separate toolsets for breaching air-gapped systems, used by a cyberespionage threat actor known as GoldenJackal.
LummaC2: Obfuscation Through Indirect Control Flow | Google Cloud Blog
Analysis of malware samples using a technique to thwart all binary analysis tools, and hinder reverse engineering efforts.
blog | The public blog of Santander Cyber Security Research
The public blog of Santander Cyber Security Research
A Dive into Earth Baku’s Latest Campaign
Since late 2022, Earth Baku has broadened its scope from the Indo-Pacific region to Europe, the Middle East, and Africa. Their latest operations demonstrate sophisticated techniques, such as exploiting public-facing applications like IIS servers for initial access and deploying the Godzilla webshell for command and control.
BITS and Bytes: Analyzing BITSLOTH, a newly identified backdoor — Elastic Security Labs
Elastic Security Labs identified a novel Windows backdoor leveraging the Background Intelligent Transfer Service (BITS) for C2. This malware was found during a recent activity group tracked as REF8747.
CVE-2024-38112: Void Banshee Targets Windows Users Through Zombie Internet Explorer in Zero-Day Attacks | Trend Micro (US)
DodgeBox | ThreatLabz
Part 1 | ThreatLabz uncovers new tooling from APT41 including DodgeBox, which uses advanced evasion techniques to deploy the MoonWalk backdoor that leverages Google Drive