Cybercriminals Weaponizing Legitimate Advanced Installer Tool in Crypto-Mining Attacks
Sep 09, 2023 | THN | Malware / Hacking
A legitimate Windows tool for creating software packages, called Advanced Installer, has been abused by threat actors to drop cryptocurrency-mining malware on infected machines since at least November 2021. "The attacker uses Advanced Installer to package other legitimate software installers, such as Adobe Illustrator, Autodesk 3ds Max, and …
tool
New AI Tool Allows Cybercriminals to Launch Sophisticated Cyber Attacks
Jul 15, 2023 | THN | Artificial Intelligence / Cyber Crime
With generative artificial intelligence (AI) becoming all the rage these days, it's perhaps not surprising that the technology has been repurposed by malicious actors to their own advantage, enabling avenues for accelerated cybercrime. According to findings from SlashNext, a new generative AI cybercrime tool called WormGPT …
DDoSia Attack Tool Evolves with Encryption, Targeting Multiple Sectors
The threat actors behind the DDoSia attack tool have come up with a new version that incorporates a new mechanism to retrieve the list of targets to be bombarded with junk HTTP requests in an attempt to bring them down. The updated variant, written in Golang, "implements an additional security mechanism to conceal the list of targets, which is transmitted from the …
Vice Society Ransomware Using Stealthy PowerShell Tool for Data Exfiltration
Apr 17, 2023 | Ravie Lakshmanan | Ransomware / Cyber Attack
Threat actors associated with the Vice Society ransomware gang have been observed using a bespoke PowerShell-based tool to fly under the radar and automate the process of exfiltrating data from compromised networks. "Threat actors (TAs) using built-in data exfiltration methods like [living off the land binaries and …
Microsoft Takes Legal Action to Disrupt Cybercriminals’ Illegal Use of Cobalt Strike Tool
Apr 07, 2023 | Ravie Lakshmanan
Microsoft said it teamed up with Fortra and Health Information Sharing and Analysis Center (Health-ISAC) to tackle the abuse of Cobalt Strike by cybercriminals to distribute malware, including ransomware. To that end, the tech giant's Digital Crimes Unit (DCU) revealed that it secured a court order in the U.S. to "remove illegal, legacy copies of …
New ESXiArgs Ransomware Variant Emerges After CISA Releases Decryptor Tool
Feb 11, 2023 | Ravie Lakshmanan | Ransomware / Endpoint Security
After the U.S. Cybersecurity and Infrastructure Security Agency (CISA) released a decryptor for affected victims to recover from ESXiArgs ransomware attacks, the threat actors have bounced back with an updated version that encrypts more data. The emergence of the new variant was reported by a system administrator on …
Nighthawk Likely to Become Hackers’ New Post-Exploitation Tool After Cobalt Strike
A nascent and legitimate penetration testing framework known as Nighthawk is likely to gain threat actors' attention for its Cobalt Strike-like capabilities. Enterprise security firm Proofpoint said it detected the use of the software in mid-September 2022 with a number of test emails sent using generic subject lines such as "Just checking in" and "Hope this works2." However, …
Introducing Sandbox Scryer: A Free Threat Hunting Tool
Sandbox Scryer is an open-source tool for producing threat hunting and intelligence data from public sandbox detonation output. The tool leverages the MITRE ATT&CK Framework to organize and prioritize findings, assisting in assembling indicators of compromise (IOCs), understanding attack movement and hunting threats. By allowing researchers to send thousands of samples to a …
Google Uncovers Tool Used by Iranian Hackers to Steal Data from Email Accounts
The Iranian government-backed actor known as Charming Kitten has added a new tool to its malware arsenal that allows it to retrieve user data from Gmail, Yahoo!, and Microsoft Outlook accounts. Dubbed HYPERSCRAPE by Google Threat Analysis Group (TAG), the actively in-development malicious software is said to have been used against less than two dozen accounts in Iran, with the …
Chinese Experts Uncover Details of Equation Group’s Bvp47 Covert Hacking Tool
Researchers from China's Pangu Lab have disclosed details of a "top-tier" backdoor put to use by the Equation Group, an advanced persistent threat (APT) with alleged ties to the cyber-warfare intelligence-gathering unit of the U.S. National Security Agency (NSA). Dubbed "Bvp47" owing to numerous references to the string "Bvp" and the numerical value "0x47" used in the …