Category: Threat Intel Reports


  • Flare-On 11 Challenge Solutions

    Threat Intelligence: Flare-On 11 Challenge Solutions. November 8, 2024. Mandiant. Written by: Nick Harbour…


  • Unmasking Phishing: Strategies for identifying 0ktapus domains and beyond

    This analysis examines phishing tactics used by threat actors, particularly focusing on the 0ktapus group. It outlines techniques for investigating…


  • Analysis of AsyncRATs Infection Tactics via Open Directories

    This analysis explores two distinct methods used to infect systems with AsyncRAT through open directories. The first technique involves a…


  • Wreaking havoc in cyberspace: threat actors experiment with pentest tools

    Recent research reveals adversaries increasingly using the Havoc post-exploitation framework to bypass cybersecurity systems. Two campaigns utilizing this framework were…


  • Investigating a SharePoint Compromise: IR Tales from the Field

    An incident response investigation uncovered an attacker who exploited a SharePoint vulnerability (CVE-2024-38094) to gain initial access. The attacker remained…


  • G700: The Next Generation of Craxs RAT

    G700 RAT, an advanced variant of Craxs RAT, targets Android devices and cryptocurrency applications. It employs sophisticated techniques like privilege…


  • Attacker Abuses Victim Resources to Reap Rewards from Titan Network

    An attacker exploited the Atlassian Confluence vulnerability CVE-2023-22527 to achieve remote code execution for cryptomining via the Titan Network. The…


  • Cryptocurrency Enthusiasts Targeted in MultiVector Supply Chain Attack

    A sophisticated malware campaign targeting cryptocurrency enthusiasts has been uncovered, utilizing multiple attack vectors including a malicious Python package on…


  • LastPass Warns of Hackers Misusing Reviews for Fake Support Numbers

    LastPass has alerted users about a social engineering campaign targeting customers through fraudulent 5-star reviews on the Chrome Web Store.…


  • Ngioweb Proxy

    This pulse contains IOCs related to Ngioweb Infrastructure. Additions are automatically added based on OTX sandboxed samples. Author: AlienVault Related…