evasive
-
Rapid7 Labs has uncovered a sophisticated malware campaign employing the newly identified CleverSoar installer, a highly evasive threat targeting Chinese and Vietnamese-speaking users. With advanced evasion techniques and layered malicious components like the Winos4.0 framework and Nidhogg rootkit, the CleverSoar campaign signifies a targeted espionage effort with serious implications.
-
Predictions by: Nico Chiaraviglio, Chief Scientist, and Krishna Vishnubhotla, VP Product Strategy & Threat Intelligence
-
A recent report from the Checkmarx Security Research Team reveals a sophisticated supply chain attack targeting the NPM ecosystem. The attack involves a malicious package, jest-fet-mock, which uses Ethereum smart contracts to manage its command-and-control (C2) infrastructure. This malware targets Windows, Linux, and macOS, marking a new level of complexity in supply chain attacks, especially…
-
In a recent discovery, ESET researchers unveiled “CloudScout,” a sophisticated cyberespionage toolset employed by the advanced persistent threat (APT) group called Evasive Panda. This China-aligned group has reportedly used CloudScout to infiltrate the networks of government and religious organizations in Taiwan. The toolset primarily exploits stolen browser session cookies to access and exfiltrate data from…
-
Hackers often target cloud services due to their vast attack surface and the widespread presence of vulnerabilities.
-
We provide the first construction of compact Functional Encryption (FE) for pseudorandom functionalities from the evasive LWE and LWE assumptions. Intuitively, a pseudorandom functionality means that the output of the circuit is indistinguishable from uniform for every input seen by the adversary. This yields the first compact FE for a nontrivial class of functions which…
-
Recently, cybersecurity researchers from Insikt Group have identified a resurgence of Predator spyware infrastructure, previously believed to be largely inactive due to public exposure and U.S. government sanctions. Despite these setbacks, Intellexa, the entity behind Predator, has reengineered its spyware delivery system, allowing it to continue operating while evading detection.
-
Cybersecurity researchers at eSentire’s Threat Response Unit (TRU) have uncovered a sophisticated phishing campaign distributing the AsyncRAT remote access trojan (RAT) coupled with the Infostealer plugin. The attack employs deceptive tactics to bypass security defenses and infiltrate victim systems.
-
Cybersecurity experts have detailed a sophisticated new memory-only dropper linked to a multi-stage malware infection process. This dropper, dubbed PEAKLIGHT, poses a massive threat due to its stealthy operations and complex attack chain.
-
The cyber espionage group dubbed Evasive Panda (also known as StormBamboo and previously tracked as StormCloud) compromised an unnamed Internet Service Provider (ISP) in mid-2023 to push malicious software updates to target entities.
-
A China-based cyber-espionage group compromised an internet service provider (ISP) to spread malware in 2023, researchers said Friday, confirming a hunch expressed in an earlier report about the same operation.
-
Researchers discovered a new malware loader named SquidLoader targeting Chinese organizations, which arrives as an executable disguised as a Word document attached to phishing emails.
-
Jun 20, 2024, Newsroom, Malware / Cyber Attack: Cybersecurity researchers have uncovered a new evasive malware loader named SquidLoader that spreads via phishing campaigns targeting Chinese organizations.
-
Executive Summary: LevelBlue Labs recently discovered a new highly evasive loader that is being delivered to specific targets through phishing attachments. A loader is a type of malware used to load second-stage payload malware onto a victim’s system. Due to the lack of previous samples observed in the wild, LevelBlue Labs has named this malware “SquidLoader,” given…
-
We present a general framework for constructing attribute-based encryption (ABE) schemes for an arbitrary function class based on lattices from two ingredients: i) a noisy linear secret sharing scheme for the class and ii) a new type of inner-product functional encryption (IPFE) scheme, termed *evasive* IPFE, which we introduce in this work. We propose lattice-based evasive IPFE schemes…
-
Attackers are exploiting Reflected Cross-Site Scripting (XSS) flaws to bypass security filters, according to a new report from Vipre. This technique allows attackers to send benign links in phishing emails that will redirect users to malicious sites.
-
Security researchers at Zscaler have uncovered a new anti-analysis feature in recent iterations of the Zloader malware (versions 2.4.1.0 and 2.5.1.0), making it significantly more difficult for analysts to study and potentially increasing the threat it poses.
-
Apr 19, 2024, Newsroom, Cyber Espionage / Threat Intelligence
-
Kaspersky Labs researchers have revealed a new, targeted malware campaign dubbed “DuneQuixote” with a focus on government entities within the Middle East. The campaign, active since at least February 2023, utilizes a custom malware known as “CR4T” alongside droppers that go to great lengths to avoid detection.
-
Thought to be neutralized last year, the notorious QakBot malware has re-emerged with updated techniques designed to evade detection and re-establish itself as a potent force in the threat landscape. Security analysts at Binary Defense have dissected a recent QakBot campaign, revealing new anti-analysis tricks and an innovative persistence mechanism.