RAT Trojan – Page 2 – WindowsTechs.com

IT threat evolution Q3 2022

Posted on November 18, 2022 by David Emm

Recent APT campaigns, a sophisticated UEFI rootkit, new ransomware for Windows, Linux and ESXi, attacks on foreign and crypto-currency exchanges, and malicious packages in online code repositories. Continue reading IT threat evolution Q3 2022→

APT trends report Q3 2022

Posted on November 1, 2022 by GReAT

This is our latest summary of advanced persistent threat (APT) activities, focusing on events that we observed during Q3 2022. Continue reading APT trends report Q3 2022→

VileRAT: DeathStalker’s continuous strike at foreign and cryptocurrency exchanges

Posted on August 10, 2022 by Pierre Delcher, Giampaolo Dedola

VileRAT is a Python implant, part of an evasive and highly intricate attack campaign against foreign exchange and cryptocurrency trading companies. Continue reading VileRAT: DeathStalker’s continuous strike at foreign and cryptocurrency exchanges→

VileRAT: DeathStalker’s continuous strike at foreign and cryptocurrency exchanges

Posted on August 10, 2022 by Pierre Delcher, Giampaolo Dedola

A new secret stash for “fileless” malware

Posted on May 4, 2022 by Denis Legezo

We observed the technique of putting the shellcode into Windows event logs for the first time “in the wild” during the malicious campaign. It allows the “fileless” last stage Trojan to be hidden from plain sight in the file system. Continue reading A new secret stash for “fileless” malware→

APT trends report Q1 2022

Posted on April 27, 2022 by GReAT

This is our latest summary of advanced persistent threat (APT) activity, focusing on events that we observed during Q1 2022. Continue reading APT trends report Q1 2022→

MysterySnail attacks with Windows zero-day

Posted on October 12, 2021 by Boris Larin, Costin Raiu

We detected attacks with the use of an elevation of privilege exploit on multiple Microsoft Windows servers. Variants of the malware payload used along with the zero-day exploit were detected in widespread espionage campaigns. We are calling this cluster of activity MysterySnail. Continue reading MysterySnail attacks with Windows zero-day→

SAS 2021: Operation Software Concepts

Posted on October 12, 2021 by Securelist

Experts from NTT Security (Japan) will cover a new APT named Operation Software Concepts. They will share details about this multi-stage attack campaign targeting government and defense sector. Continue reading SAS 2021: Operation Software Concepts→

Ferocious Kitten: 6 years of covert surveillance in Iran

Posted on June 16, 2021 by GReAT

Ferocious Kitten is an APT group that has been targeting Persian-speaking individuals in Iran. Some of the TTPs used by this threat actor are reminiscent of other groups, such as Domestic Kitten and Rampant Kitten. In this report we aim to provide more details on these findings. Continue reading Ferocious Kitten: 6 years of covert surveillance in Iran→

APT10: sophisticated multi-layered loader Ecipekac discovered in A41APT campaign

Posted on March 30, 2021 by Suguru Ishimaru

A41APT is a long-running campaign with activities detected from March 2019 to the end of December 2020. Most of the discovered malware families are fileless malware and they have not been seen before. Continue reading APT10: sophisticated multi-layered loader Ecipekac discovered in A41APT campaign→