Similar to a recently reported issue in GitHub, users can abuse the “comments” feature in GitLab to upload malware to any repository without the repository owner’s knowledge.
While similar to IcedID, Proofpoint researchers confirmed it is an entirely new malware, likely created by the IcedID developers. Latrodectus shares infrastructure overlap with historic IcedID operations.
Today, we are going to look at one of the similar campaigns which is delivered via email as a PDF attachment and ends up downloading a RAT leaving the system infected. The email here is an example of scamming and brand impersonation where sender is seeking a refund of a reservation made at Booking.com and […]
While the effectiveness of this feature is yet to be verified by security researchers or Google, the existence of similar claims by another malware suggests that there may be an exploitable vulnerability in session cookies.