Cybersecurity

HijackLoader Expands Techniques to Improve Defense Evasion

HijackLoader continues to become increasingly popular among adversaries for deploying additional payloads and tooling. A recent HijackLoader variant employs sophisticated techniques to enhance its complexity and defense evasion. CrowdStrike detects this new HijackLoader variant using machine learning and behavior-based detection capabilities. CrowdStrike researchers have identified a HijackLoader (aka IDAT Loader) sample that employs sophisticated evasion […]

Cybersecurity

Rust Payloads Exploiting Ivanti 0-Days Linked to Sliver Toolkit

Payloads recently found on compromised Ivanti Connect Secure appliances could be from the same sophisticated threat actor, according to incident response provider Synacktiv. A new malware analysis from Synacktiv researcher Théo Letailleur showed that the 12 Rust payloads discovered by Volexity as part of its investigation into two Ivanti Connect Secure VPN remote code execution […]

Cybersecurity

IZ1H9 Mirai-Based Botnet Enhances its Arsenal with 13 New Exploits

A Mirai botnet variant tracked as IZ1H9 has updated its arsenal with 13 new exploit payloads to target various Linux-based routers, IP cameras, and other IoT devices. These exploits target vulnerabilities in D-Link, TP-Link, Zyxel, Netis, Sunhillo SureLine, Geutebruck, Yealink Device Management, Zyxel, TP-Link Archer, Korenix JetWave, and TOTOLINK devices. The significant evolution in the […]