Threat actors’ use of Microsoft OneNote to spread Qakbot marks a novel malware distribution strategy. Our researchers detail how they deobfuscated and unpacked it, and extracted its configurations. Read more. https://bit.ly/3mlVyPV
🗣TrellixARC


🎖@malwr

Mandiant, in partnership with the SonicWall PSIRT team, has identified a suspected Chinese campaign running malware on SonicWall devices. The malware has functionality to steal user credentials, provide shell access, and persist through firmware upgrades. https://www.mandiant.com/resources/blog/suspected-chinese-persist-sonicwall
🗣virusbtn


🎖@malwr

Fortinet researchers analyse ScrubCrypt and other malware delivered by the 8220 Gang threat actor on an exploitable Oracle Weblogic Server. https://www.fortinet.com/blog/threat-research/old-cyber-gang-uses-new-crypter-scrubcrypt
🗣virusbtn


🎖@malwr

Businesses in IT, healthcare, and manufacturing industries suffered the most ransomware attacks in the fourth quarter of 2022. https://research.trendmicro.com/3ZdZTU2
🗣TrendMicroRSRCH


🎖@malwr

We've updated the vx-underground malware sample collection. We've added 54,258 samples.

Special thanks to petikvx

Check it out here: https://www.vx-underground.org/malware.html
🗣vxunderground


🎖@malwr

📍📍📍Please forward posts to the other groups 📍📍📍

Linux Malware Families，What else is popular?
🗣panda_zheng


🎖@malwr

AhnLab ASEC researchers look into attacks against poorly managed MS-SQL servers. The threat actors used not only Cobalt Strike but also the Netcat tool in their attacks, along with other malware for privilege escalation, information theft & proxy tools. https://asec.ahnlab.com/en/49249/
🗣virusbtn


🎖@malwr

#Fortinet released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. More: http://cisa.gov/news-events/alerts/2023/03/09/fortinet-releases-march-2023-vulnerability-advisories #Cybersecurity #InfoSec #VulnerabilityManagement
🗣CISACyber


🎖@malwr