KONNI Adopts AI to Generate PowerShell Backdoors

2026-01-22 18:22:30    AlienVault

Tags: ai-generated apac backdoor ...

Detalhes IOCs

December 2025 Security Issues in Korean & Global Financial Sector

2026-01-22 13:15:09    AlienVault

Tags: africa cyber threats dark web ...

Detalhes IOCs

Analysis of HEURRemoteAdmin.GoToResolve.gen

2026-01-22 00:39:39    AlienVault

Tags: digital-signature gotoresolve heurremoteadmin.gotoresolve.gen ...

Detalhes IOCs

Malicious Configuration Changes Observed On Fortinet FortiGate Devices via SSO Accounts

2026-01-22 00:39:37    AlienVault

Tags: configuration changes cve-2025-59718 cve-2025-59719 ...

Detalhes IOCs

PurpleBravo’s Targeting of the IT Software Supply Chain

2026-01-21 22:26:37    AlienVault

Tags: astrill vpn beavertail browser credential theft ...

Detalhes IOCs

Inside MacSync's Script-Driven Stealer and Hardware Wallet App Trojanization

2026-01-21 18:46:01    AlienVault

Tags: cryptocurrency electron hardware wallet ...

Detalhes IOCs

Threat Actors Expand Abuse of Microsoft Visual Studio Code

2026-01-21 12:38:22    AlienVault

Tags: backdoor c2 contagious interview ...

Detalhes IOCs

EtherRAT Targeting Windows Disguised as a Game Mod Installer

2026-01-21 12:36:18    AlienVault

Tags: 123 stealer c2 communication cve-2025-55182 ...

Detalhes IOCs

Detailed Analysis of LockBit 5.0

2026-01-21 10:03:04    AlienVault

Tags: abcd ransomware affiliate-program choungdong ...

Detalhes IOCs

Inside a Multi-Stage Windows Malware Campaign

2026-01-20 17:50:42    AlienVault

Tags: amnesia rat data theft defendnot ...

Detalhes IOCs

Critical Privilege Escalation Vulnerability in Modular DS plugin affecting 40k+ Sites exploited in the wild

2026-01-20 17:02:57    AlienVault

Tags: active exploitation cve-2026-23550 cve-2026-23800 ...

Detalhes IOCs

Operation Nomad Leopard: Targeted Spear-Phishing Campaign Against Government Entities in Afghanistan

2026-01-20 08:51:25    AlienVault

Tags: afghanistan data-exfiltration falsecub ...

Detalhes IOCs

Operation Covert Access: Weaponized LNK-Based Spear-Phishing Targeting Argentina's Judicial Sector to Deploy a Covert RAT

2026-01-20 08:48:18    AlienVault

Tags: anti-analysis argentina judicial-sector ...

Detalhes IOCs

From Extension to Infection: An In-Depth Analysis of the Evelyn Stealer Campaign Targeting Software Developers

2026-01-20 08:41:07    AlienVault

Tags: anti-analysis techniques browser injection evelyn stealer ...

Detalhes IOCs

Analyzing the MonetaStealer macOS Threat

2026-01-19 09:41:58    AlienVault

Tags: chrome cryptocurrency keychain ...

Detalhes IOCs

New Remcos Campaign Distributed Through Fake Shipping Document

2026-01-19 09:40:15    AlienVault

Tags: cve-2017-11882 fileless malware phishing ...

Detalhes IOCs

VoidLink threat analysis: C2-compiled kernel rootkits discovered

2026-01-19 09:35:38    AlienVault

Tags: c2 cloud containers ...

Detalhes IOCs

PDFSIDER Malware - Exploitation of DLL Side-Loading for AV and EDR Evasion

2026-01-18 18:38:18    AlienVault

Tags: aes-256-gcm anti-vm apt ...

Detalhes IOCs

Operation Poseidon: Spear-Phishing Attacks Abusing Google Ads Redirection Mechanisms

2026-01-18 18:38:17    AlienVault

Tags: autoit autoitrat endrat ...

Detalhes IOCs

Dissecting CrashFix: A New Toy

2026-01-17 13:17:09    AlienVault

Tags: anti-analysis browser extension crashfix ...

Detalhes IOCs

Analyzing React2Shell Threat Actors

2026-01-17 13:17:08    AlienVault

Tags: botnet cve-2017-9841 cve-2019-9082 ...

Detalhes IOCs

December 2025 Infostealer Trend Report

2026-01-16 20:33:26    AlienVault

Tags: acrstealer cryptocurrency theft dll sideloading ...

Detalhes IOCs

Targets critical infrastructure sectors in North America

2026-01-16 13:31:45    AlienVault

Tags: active directory apt certipy ...

Detalhes IOCs

HUMINT Operations Uncover Cryptojacking Campaign: Discord-Based Distribution of Clipboard Hijacking Malware Targeting Cryptocurrency Communities

2026-01-15 17:16:58    AlienVault

Tags: clipboard hijacking cryptocurrency theft gaming communities ...

Detalhes IOCs

CastleLoader Malware Analysis: Full Execution Breakdown

2026-01-15 15:37:01    AlienVault

Tags: castleloader credential theft evasion ...

Detalhes IOCs

Hunting Lazarus: Inside the Contagious Interview C2 Infrastructure

2026-01-15 15:25:29    AlienVault

Tags: backdoor beavertail cryptocurrency ...

Detalhes IOCs

Command & Evade: Turla's Kazuar v3 Loader

2026-01-15 15:21:06    AlienVault

Tags: amsi bypass etw bypass evasion ...

Detalhes IOCs

Targeted espionage leveraging geopolitical themes

2026-01-15 12:03:35    AlienVault

Tags: backdoor dll sideloading espionage ...

Detalhes IOCs

Inside China's Hosting Ecosystem: 18,000+ Malware C2 Servers Mapped Across Major ISPs

2026-01-15 12:03:35    AlienVault

Tags: apt arl asyncrat ...

Detalhes IOCs

Sicarii Ransomware: Truth vs Myth

2026-01-15 11:45:54    AlienVault

Tags: cve-2025-64446 data exfiltration encryption ...

Detalhes IOCs

Trial, Error, and Typos: Why Some Malware Attacks Aren't as 'Sophisticated' as You Think

2025-12-23 01:59:50    AlienVault

Tags: iis web server malware deployment persistence techniques ...

Detalhes IOCs

Indian Income Tax-Themed Phishing Campaign Targets Local Businesses

2025-12-22 17:06:59    AlienVault

Tags: china-linked data harvesting income tax ...

Detalhes IOCs

UNG0801: Tracking Threat Clusters obsessed with AV Icon Spoofing targeting Israel

2025-12-22 17:06:57    AlienVault

Tags: av icon spoofing dropbox israel ...

Detalhes IOCs

Evasive SideWinder APT Campaign Detected

2025-12-20 17:19:05    AlienVault

Tags: apt cloud storage dll side-loading ...

Detalhes IOCs

Attempts to sniff out governmental affairs in Southeast Asia and Japan

2025-12-19 16:22:33    AlienVault

Tags: apt china-aligned cloud services ...

Detalhes IOCs

Access granted: phishing with device code authorization for account takeover

2025-12-18 13:28:15    AlienVault

Tags: account takeover phishing squarephish2

Detalhes IOCs

Inside DPRK Operations: New Infrastructure Uncovered Across Global Campaigns

2025-12-18 09:40:34    AlienVault

Tags: badcall blindingcan dprk ...

Detalhes IOCs

GachiLoader: Defeating Node.js Malware with API Tracing

2025-12-17 21:22:38    AlienVault

Tags: anti-analysis api tracing gachiloader ...

Detalhes IOCs

BlueDelta’s Persistent Campaign Against UKR.NET

2025-12-17 20:07:25    AlienVault

Tags: credential harvesting gru ngrok ...

Detalhes IOCs

UAT-9686 actively targets Cisco Secure Email Gateway and Secure Email and Web Manager

2025-12-17 20:07:24    AlienVault

Tags: apt aquapurge aquashell ...

Detalhes IOCs

Parked Domains Become Weapons with Direct Search Advertising

2025-12-17 14:28:37    AlienVault

Tags: babar direct search advertising dns abuse ...

Detalhes IOCs

A new campaign by the ForumTroll APT group

2025-12-17 12:52:27    AlienVault

Tags: apt com hijacking dante ...

Detalhes IOCs

BlindEagle Targets Colombian Government Agency with Caminho and DCRAT

2025-12-17 02:49:03    AlienVault

Tags: dcrat discord powershell ...

Detalhes IOCs

Kimsuky Distributing Malicious Mobile App via QR Code

2025-12-16 14:57:28    AlienVault

Tags: apk decryption docswap ...

Detalhes IOCs

Infrastructure of Interest: Medium Confidence Detection

2025-08-07 07:39:42    AlienVault

Tags:

Detalhes IOCs

Infrastructure of Interest: Medium Confidence FastFlux

2025-08-07 07:34:03    AlienVault

Tags:

Detalhes IOCs

Infrastructure of Interest: Medium Confidence InfoStealer

2025-08-07 07:31:55    AlienVault

Tags:

Detalhes IOCs

Infrastructure of Interest: Medium Confidence Command And Control

2025-08-07 07:29:37    AlienVault

Tags:

Detalhes IOCs

Infrastructure of Interest: Medium Confidence Phishing

2025-08-07 07:20:01    AlienVault

Tags:

Detalhes IOCs

The BlueNoroff cryptocurrency hunt is still on

2022-01-13 14:37:40    AlienVault

Tags: BlueNoroff cryptocurrencies data theft ...

Detalhes IOCs