Vice Society Ransomware uses PolyVice Payload
Vice Society ransomware gang is now using a new custom payload in its recent cyberattacks. The ransomware variant, dubbed PolyVice, was first seen in the wild in July, but it was…
Posted inSecurity
Emotet Directs Cobalt Strike Now !
Emotet now directly installs the Cobalt Strike Beacon, giving threat actors immediate network access and making ransomware attacks imminent. Ironically, Emotet is a malware that spreads by spam emails containing…
Atom Silo Ransomware
Atom Silo, a newly spotted ransomware group, is targeting a recently patched and actively exploited Confluence Server and Data Center vulnerability to deploy their ransomware payloads. Last month,Atlassian issued security…
Vermilion Cobalt Strike
Security researchers have identified a reimplementation of the infamous Cobalt Strike Beacon payload, which features completely new code. Dubbed Vermilion Strike, the malware can be used to target Linux and Windows devices…
FIN7 Drops Payloads
A recent spear-phishing attacks conducted by financially motivated threat actor FIN7 using weaponized Windows 11 Alpha-themed Word documents with Visual Basic macros to drop malicious payloads, including a JavaScript backdoor.…
KONNI RAT ! Russian Campaign
A new and ongoing malware campaign targetting Russia. The payload dropped by threat actors in this attack is the Konni RAT being used by the North Korean Black Hat group…
BlueLight Payload
Researchers from Volexity recently investigated a Strategic Web Compromise of the Daily NK website by InkySquid. The targeted site is an online newspaper based in South Korea that posts news…
Kaseya VSA Fake Update
Threat actors are trying to capitalize on the ongoing Kaseya ransomware attack crisis by targeting potential victims in a spam campaign pushing Cobalt Strike payloads disguised as Kaseya VSA security…