Cascading Shadows: An Attack Chain Approach to Avoid Detection and Complicate Analysis

In December 2024, Palo Alto Unit 42 researchers uncovered an attack chain that employs distinct, multi-layered stages to deliver malware like Agent Tesla variants, Remcos RAT or XLoader. Attackers increasingly rely on such complex delivery mechanisms to evade detection, bypass Read More …

Unmasking Styx Stealer: How a Hacker’s Slip Led to an Intelligence Treasure Trove

In the shadowy world of cybercrime, even the most cunning hackers can make blunders that expose their operations. In this article CPR describes the discovery of Styx Stealer, a new malware variant derived from the notorious Phemedrone Stealer. Check Point Read More …

Threat Actors Exploit CVE-2017-11882 To Deliver Agent Tesla

First discovered in 2014, Agent Tesla is an advanced keylogger with features like clipboard logging, screen keylogging, screen capturing, and extracting stored passwords from different web browsers. Recently, Zscaler ThreatLabz detected a threat campaign where threat actors leverage CVE-2017-11882 XLAM Read More …

The Unseen Layers: Exploring The Tactics Of Multistage .NET Malware Packers

Recently, the SonicWall Capture Labs Threat Research team has identified a new .NET Packer that is currently being widely used by the various stealers such as Lokibot, AgentTesla etc. In the ever-evolving landscape of cybersecurity threats, malicious actors continue to Read More …

New Agent Tesla Variant Being Spread by Crafted Excel Document

FortiGuard Labs captured a phishing campaign that spreads a new Agent Tesla variant. This well-known malware family uses a .Net-based Remote Access Trojan (RAT) and data stealer to gain initial access. It is often used for Malware-as-a-Service (MaaS). FortiGuard Labs Read More …

Online scamming fraud: three Nigerians arrested in INTERPOL Operation Killer Bee

The Economic and Financial Crimes Commission (EFCC) arrested the suspects in a sting operation conducted simultaneously in the Lagos suburb of Ajegunle and in Benin City, 300 km to the East of the commercial capital. The Nigerian sting operation comes Read More …

Malicious PowerPoint files used to push remote access trojans

Since December 2021, a growing trend in phishing campaigns has emerged that uses malicious PowerPoint documents to distribute various types of malware, including remote access and information-stealing trojans. According to a report by Netskope’s Threat Labs shared with Bleeping Computer Read More …