Verticals Targeted: Government, Defense, Telecommunications, Finance, NGO, IT services
Executive Summary
Scarred Manticore, a threat actor group associated with Iran’s MOIS, was observed using Liontail framework in an espionage campaign.
Recent Posts
Executive Summary
XWorm is a .NET based, modular, multi-purpose malware family most often used as a RAT. CERT Polska analyzed an Xworm sample distributed via malspam containing an .lzh file.
Related Families: CurKeep, CurCore, CurLog, CurLu, StylerServ
Verticals Targeted: Telecommunications, Government
Executive Summary
The Stayin Alive campaign, perpetrated by ToddyCat, was observed targeting telecommunications and government entities in Asia.
Related Families: Megazord
Verticals Targeted: Manufacturing, Business Services, Construction, Education, Finance, Legal Services, Retail, Architecture, Engineering and Design, and Investment Banking
Executive Summary
Akira ransomware, active since April 2023, was recently observed targeting Windows and Linux systems.
Executive Summary
Mirai IZ1H9, a newer variant of Mirai, is being used to infect Linux devices for use in a DDoS campaign.
Executive Summary
AresLoader is a loader malware-as-a-service (MaaS) active in the wild since at least November 2022. AresLoader is designed to masquerade as legitimate software, while covertly downloading malicious payloads.
Executive Summary
BunnyLoader is a recently discovered malware-as-a-service (MaaS) threat being sold on multiple forums. It was released in September 2023 and appears to be under active development, with feature updates and bug fixes available.
Verticals Targeted: Government