Blog
-
CoinLurker: The Stealer Powering the Next Generation of Fake Updates
CoinLurker is a sophisticated stealer designed to exfiltrate data while evading detection. Written in Go, it employs advanced obfuscation and…
-
New Yokai Sideloaded Backdoor Targets Thai Officials
A new backdoor named Yokai has been discovered targeting Thai officials. The malware is distributed via RAR files containing shortcut…
-
Widespread Exploitation of Cleo File Transfer Software
Critical vulnerabilities in Cleo file transfer products, including VLTrader, Harmony, and LexiCom, are being actively exploited. Initially stemming from an…
-
Declawing PUMAKIT
PUMAKIT is a sophisticated multi-stage Linux malware consisting of a dropper, memory-resident executables, an LKM rootkit, and a userland rootkit.…
-
Crypted Hearts: Exposing the HeartCrypt Packer-as-a-Service Operation
This analysis examines HeartCrypt, a new packer-as-a-service (PaaS) used to protect malware. Developed since July 2023 and launched in February…
-
Exploit attempts inspired by recent Struts2 File Upload Vulnerability (CVE-2024-53677, CVE-2023-50164)
-
Cobalt Strike Beacon Detected – 43[.]242[.]202[.]166:80
December 15, 2024. Cobalt Strike Beacon Detection Alerts. The Information provided at…