Cybersecurity

From Water to Wine: An Analysis of WINELOADER | Splunk

The simplified version of this python tool is available here. IOC FileName SHA256 vcruntime140.dll 72b92683052e0c813890caf7b4f8bfd331a8b2afc324dd545d46138f677178c4 d0a8fa332950b72968bdd1c8a1a0824dd479220d044e8c89a7dea4434b741750 YARA Rule: import “pe”rule possible_wine_loader_export_function {meta:author = “@tccontre18 – Br3akp0int”description = “possible wine loader export function setup code”date = “2024-04-03″sha256 = “72b92683052e0c813890caf7b4f8bfd331a8b2afc324dd545d46138f677178c4″strings:$exp_loader = {48 83 EC 08 48 8D 0D ?? ?? ?? ?? 48 C7 C2 28 80 00 […]

Cybersecurity

New Phishing Campaign Targets Oil & Gas with Evolved Data-Stealing Malware

Apr 04, 2024NewsroomPhishing Attack / Malware An updated version of an information-stealing malware called Rhadamanthys is being used in phishing campaigns targeting the oil and gas sector. “The phishing emails use a unique vehicle incident lure and, in later stages of the infection chain, spoof the Federal Bureau of Transportation in a PDF that mentions […]

Cybersecurity

Linux Version of DinodasRAT Spotted in Cyber Attacks Across Several Countries

Mar 28, 2024NewsroomLinux / Network Security A Linux version of a multi-platform backdoor called DinodasRAT has been detected in the wild targeting China, Taiwan, Turkey, and Uzbekistan, new findings from Kaspersky reveal. DinodasRAT, also known as XDealer, is a C++-based malware that offers the ability to harvest a wide range of sensitive data from compromised […]

Cybersecurity

GhostLocker 2.0 Haunts Businesses Across Middle East, Africa & Asia

Cybercriminals have developed an enhanced version of the infamous GhostLocker ransomware that they are deploying in attacks across the Middle East, Africa, and Asia. Two ransomware groups, GhostSec and Stormous, have joined forces in the attack campaigns with double-extortion ransomware attacks using the new GhostLocker 2.0 to infect organizations in Lebanon, Israel, South Africa, Turkey, […]

Cybersecurity

Kali Linux 2024.1 released: New tools, new look, new Kali Nethunter kernels – Help Net Security

OffSec has released Kali Linux 2024.1, the latest version of its popular penetration testing and digital forensics platform. The new version comes with new tools, a fresh look (themes, wallpapers and icons for Kali and Kali Purple), a new image viewer for the Gnome desktop and a usability enhancement to the Xfce desktop (the ability […]

Cybersecurity

Raspberry Robin Worm Rides on New One-Day Flaws to Launch Stealthy Attacks | Cyware Hacker News

A new version of the Raspberry Robin worm has been found exploiting two new one-day vulnerabilities to launch stealthy attacks. According to a report from Check Point, the attacks have been since October 2023, and have targeted organizations worldwide.  Recently, Raspberry Robin made headlines for expanding its attacks to the financial and insurance sectors in […]