Goffloader: In-Memory Execution, No Disk Required
The security company Praetorian has released GoffLoader, a tool designed to simplify the execution of BOF files and unmanaged Cobalt Strike PE files directly in memory, without writing any files...
Proofpoint researchers have unearthed a suspected espionage campaign distributing custom malware dubbed “Voldemort.” This operation, impacting over 70 organizations worldwide, combines common and uncommon techniques to deliver a backdoor capable...
Cybersecurity researchers at Trend Micro have uncovered a significant expansion in the activities of Earth Baku, a sophisticated advanced persistent threat (APT) group. Previously focused on the Indo-Pacific region, Earth...
A recent report from Cisco Talos has revealed a sophisticated cyberattack targeting a Taiwanese government-affiliated research institute. The attack, believed to have been carried out by the Chinese state-sponsored group...
A newly identified cyberespionage group, dubbed TAG-100 by cybersecurity firm Recorded Future, has been linked to a series of sophisticated attacks targeting high-profile government, intergovernmental, and private sector organizations worldwide....
In a recent report, Unit 42 researchers have revealed a concerning trend: threat actors are increasingly exploiting publicly available Cobalt Strike profiles to mask their malicious activities and bypass security...
Cyble Research and Intelligence Labs (CRIL) has uncovered a sophisticated cyber campaign linked to the threat actor group UNC1151, known for its ties to the Belarusian government and its involvement...
FortiGuard Labs has recently unveiled a sophisticated cyberattack that leverages an Excel file embedded with a VBA macro to deploy a DLL file. This multi-stage malware strategy ultimately delivers the...
Cybersecurity firm Rapid7 has uncovered a widespread malvertising campaign that is actively targeting individuals searching for popular utilities like WinSCP and PuTTY. This sophisticated attack uses malicious ads on common...
Rapid7 analysts have uncovered a new, highly targeted social engineering campaign potentially linked to the Black Basta ransomware group. This multi-pronged attack begins with overwhelming users with spam emails, followed...
In a recently released report, Trend Micro reveals details of a new advanced persistent threat (APT) campaign they’ve named Earth Krahang. This China-nexus threat actor demonstrates alarming sophistication, with an...
Cybersecurity researchers at Kroll have unveiled a worrisome advancement in the notorious SPARKRAT malware toolkit. A new, never-before-seen loader written in Golang is being actively used to sneak SPARKRAT onto...
In December 2023, Elastic Security Labs uncovered a sophisticated cyber intrusion, dubbed REF0657, targeting a financial services organization in South Asia. This intrusion was notable for its utilization of a...
In the ever-evolving landscape of cyber threats, a new name has emerged with a notorious reputation – Pikabot. This loader malware, actively employed in spam campaigns by the threat actor...
Kerbeus-BOF Beacon Object Files for Kerberos abuse. This is an implementation of some important features of the Rubeus project, written in C. The project features integration with the C2 frameworks Cobalt Strike and Havoc. Download...
ENISA Calls for Urgent Action as EU Cyberattacks Reach Record High
September 23, 2024