August 2, 2024 at 06:48AM Proofpoint reports that threat actors have been misusing Cloudflare Tunnels for six months to distribute various remote access trojan (RAT) families. The attackers used the TryCloudflare feature since February 2024 to create one-time tunnels and deliver malware payloads through phishing messages. The attacks have impacted organizations globally, with the threat … Read more
April 10, 2024 at 10:52AM A new phishing campaign aimed at Microsoft Windows users deploys various malware, including VenomRAT, Remcos RAT, NanoCore RAT, and XWorm. The attackers use phishing emails with malicious attachments to infiltrate systems, aiming to steal critical data and establish persistence. Vigilance, education, and robust cybersecurity measures are crucial for mitigating such … Read more
April 9, 2024 at 04:15AM Cybersecurity researchers have uncovered a complex multi-stage attack using invoice-themed phishing emails to distribute various malware, including Venom RAT, Remcos RAT, and others. The attack utilizes BatCloak obfuscation and ScrubCrypt to deliver obfuscated batch scripts, ultimately executing malware such as Venom RAT and a wallet-stealing plugin. The attack demonstrates sophisticated … Read more
April 2, 2024 at 01:51AM TA558, a threat actor targeting the Latin America region, has launched a large-scale phishing campaign to deploy Venom RAT. Primarily focusing on hotel, travel, trading, financial, manufacturing, industrial, and government sectors in multiple countries, it aims to harvest sensitive data and remotely control systems. Additionally, malvertising campaigns delivering malware are … Read more