GitHub

AV bypass using the shellcode loader 'Shellcodeloader'

It is a shellcode loader that uses encryption to get around AV solutions such as Windows Defender. > The tool is composed of a generator (Shellcodeloader.exe) and numerous loader templates. There are ...
Bitdefender

FamousSparrow APT Targets Azerbaijani Oil and Gas Industry

I'd like to thank my co-author, Martin Zugec, for his valuable contributions to this report. This intrusion adds three dimensions to the public understanding of Chinese APT activity in contested ...
Infosecurity-magazine.com

Fake Claude AI Site Drops Beagle Backdoor on Windows Users

A fraudulent imitation of Anthropic's Claude website has been used to distribute a previously undocumented backdoor named Beagle, deployed through a Dynamic Link Library (DLL) sideloading chain that ...
GitHub

Sickle - Payload Development Kit

Sickle is a tool I originally developed to help me be more effective, in both developing and understanding shellcode. However, throughout the course of its development and usage It has evolved into a ...
Security Boulevard

Middle East Conflict Fuels Opportunistic Cyber Attacks

IntroductionThreat actors often take advantage of major global events to fuel interest in their malicious activities. Zscaler ThreatLabz is diligently tracking a surge in cybercriminal activity that ...
TechRepublic

Fake CAPTCHA Scam Tricks Windows Users Into Installing Malware

A fake CAPTCHA scam is tricking Windows users into running PowerShell commands that install StealC malware and steal passwords, crypto wallets, and more. A new social engineering campaign is abusing ...
The Hacker News

DEAD#VAX Malware Campaign Deploys AsyncRAT via IPFS-Hosted VHD Phishing Files

Threat hunters have disclosed details of a new, stealthy malware campaign dubbed DEAD#VAX that employs a mix of "disciplined tradecraft and clever abuse of legitimate system features" to bypass ...
Fox News

Fake Windows update pushes malware in new ClickFix attack

Cybercriminals keep getting better at blending into the software you use every day. Over the past few years, we've seen phishing pages that copy banking portals, fake browser alerts that claim your ...
Gizmochina

Updated ClickFix malware impersonates Windows update to steal your passwords, browser cookies, banking logins

A sneaky new strain of the ClickFix malware is making the rounds, and it’s going after the easiest victim of all: anyone who trusts a Windows update prompt. Security researchers at Huntress say the ...
The Hacker News

JackFix Uses Fake Windows Update Pop-Ups on Adult Sites to Deliver Multiple Stealers

Cybersecurity researchers are calling attention to a new campaign that's leveraging a combination of ClickFix lures and fake adult websites to deceive users into running malicious commands under the ...
Hosted on MSN

Fresh ClickFix attacks use Windows Update trick-pics to steal credentials

A fresh wave of ClickFix attacks is using fake Windows update screens to trick victims into downloading infostealer malware.… ClickFix is a type of social engineering technique that tricks users into ...