Tag: rat
-
Fünf KI-Use-Cases für CISOs
Tags: access, ai, business, ceo, cio, ciso, cybercrime, cybersecurity, cyersecurity, data, framework, google, incident response, mail, microsoft, phishing, rat, risk, risk-management, service, siem, soc, tool, vpn, vulnerability, vulnerability-management -
Fileless Malware Deploys Advanced RAT via Legitimate Tools
A sophisticated fileless malware campaign has been observed using legitimate tools to deliver AsyncRAT executed in memory First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/fileless-malware-deploys-advanced/
-
kkRAT Exploits Network Protocols to Exfiltrate Clipboard Data
The threat actor delivers three Remote Access Trojans (RATs)”, ValleyRAT, FatalRAT, and a newly discovered RAT dubbed kkRAT”, via phishing sites hosted on GitHub Pages. These sites masquerade as legitimate software installers for popular applications. In each instance, a ZIP archive contains a malicious executable that initiates a multi-stage attack chain designed to evade analysis,…
-
CHILLYHELL macOS Backdoor and ZynorRAT RAT Threaten macOS, Windows, and Linux Systems
Cybersecurity researchers have discovered two new malware families, including a modular Apple macOS backdoor called CHILLYHELL and a Go-based remote access trojan (RAT) named ZynorRAT that can target both Windows and Linux systems.According to an analysis from Jamf Threat Labs, ChillyHell is written in C++ and is developed for Intel architectures.CHILLYHELL is the name assigned…
-
CHILLYHELL macOS Backdoor and ZynorRAT RAT Threaten macOS, Windows, and Linux Systems
Cybersecurity researchers have discovered two new malware families, including a modular Apple macOS backdoor called CHILLYHELL and a Go-based remote access trojan (RAT) named ZynorRAT that can target both Windows and Linux systems.According to an analysis from Jamf Threat Labs, ChillyHell is written in C++ and is developed for Intel architectures.CHILLYHELL is the name assigned…
-
CHILLYHELL macOS Backdoor and ZynorRAT RAT Threaten macOS, Windows, and Linux Systems
Cybersecurity researchers have discovered two new malware families, including a modular Apple macOS backdoor called CHILLYHELL and a Go-based remote access trojan (RAT) named ZynorRAT that can target both Windows and Linux systems.According to an analysis from Jamf Threat Labs, ChillyHell is written in C++ and is developed for Intel architectures.CHILLYHELL is the name assigned…
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 61
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Operation HanKook Phantom: North Korean APT37 targeting South Korea Three Lazarus RATs coming for your cheese Malvertising Campaign on Meta Expands to Android, Pushing Advanced Crypto-Stealing Malware to Users Worldwide Android Droppers: The Silent…
-
Lazarus Subgroup Deploys Three Custom RATs in Targeted Crypto Attacks
The post Lazarus Subgroup Deploys Three Custom RATs in Targeted Crypto Attacks appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/lazarus-subgroup-deploys-three-custom-rats-in-targeted-crypto-attacks/
-
Blind Eagle’s Five Clusters Target Colombia Using RATs, Phishing Lures, and Dynamic DNS Infra
Cybersecurity researchers have discovered five distinct activity clusters linked to a persistent threat actor known as Blind Eagle between May 2024 and July 2025.These attacks, observed by Recorded Future Insikt Group, targeted various victims, but primarily within the Colombian government across local, municipal, and federal levels. The threat intelligence firm is tracking the activity under…
-
Fast-Spreading, Complex Phishing Campaign Installs RATs
Attackers not only steal credentials but also can maintain long-term, persistent access to corporate networks through the global campaign. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/fast-spreading-phishing-installs-rats
-
Phishing Campaign Uses UpCrypter in Fake Voicemail Emails to Deliver RAT Payloads
Cybersecurity researchers have flagged a new phishing campaign that’s using fake voicemails and purchase orders to deliver a malware loader called UpCrypter.The campaign leverages “carefully crafted emails to deliver malicious URLs linked to convincing phishing pages,” Fortinet FortiGuard Labs researcher Cara Lin said. “These pages are designed to entice recipients into downloading JavaScript First seen…
-
Fake Google Play Store Websites Deliver Potent RAT to Steal Sensitive Data
Cybersecurity researchers have uncovered a persistent campaign deploying the AndroidOS SpyNote malware, a sophisticated Remote Access Trojan (RAT) designed for surveillance, data exfiltration, and remote device control. This operation mimics legitimate Google Play Store pages for popular Android apps, tricking users into downloading malicious APK files. The campaign, linked to the same threat actor previously…
-
Hackers Using New QuirkyLoader Malware to Spread Agent Tesla, AsyncRAT and Snake Keylogger
Cybersecurity researchers have disclosed details of a new malware loader called QuirkyLoader that’s being used to deliver via email spam campaigns an array of next-stage payloads ranging from information stealers to remote access trojans since November 2024.Some of the notable malware families distributed using QuirkyLoader include Agent Tesla, AsyncRAT, Formbook, Masslogger, Remcos RAT, First seen…
-
New GodRAT Malware Uses Screensaver and Program Files to Target Organizations
Threat actors have been deploying a novel Remote Access Trojan (RAT) dubbed GodRAT, derived from the venerable Gh0st RAT codebase, to infiltrate financial institutions, particularly trading and brokerage firms. The malware is distributed via Skype as malicious .scr (screensaver) and .pif (Program Information File) executables masquerading as legitimate financial documents, such as client lists or…
-
New GodRAT Trojan Targets Trading Firms Using Steganography and Gh0st RAT Code
Financial institutions like trading and brokerage firms are the target of a new campaign that delivers a previously unreported remote access trojan called GodRAT.The malicious activity involves the “distribution of malicious .SCR (screen saver) files disguised as financial documents via Skype messenger,” Kaspersky researcher Saurabh Sharma said in a technical analysis published today.The First seen…
-
Ein Viertel der CISOs wird nach Ransomware-Angriff entlassen
Tags: backup, ceo, cio, ciso, cyberattack, group, incident response, mail, phishing, ransomware, rat, risk, sophos, vulnerabilityNach einem Ransomware-Angriff werden CISOs oft dafür verantwortlich gemacht und gekündigt. Laut einem aktuellen Bericht von Sophos haben CISOs eine Chance von eins zu vier, dass ihr Arbeitsplatz einen erfolgreichen Ransomware-Angriff nicht übersteht. Die Ergebnisse des Berichts sind ein Weckruf für Sicherheitsverantwortliche, unabhängig davon, ob sie für solche Angriffe verantwortlich gemacht werden oder über die…
-
Watchguard zur it-sa 2025 Real-Security for the Real-World
Von Firecloud-Internet-Access über Total-MDR bis hin zu den zuletzt vorgestellten Modellen der Watchguard-Tabletop-Firewall-Appliances: Alle Lösungen, mit denen Watchguard sein Produktportfolio in jüngster Zeit ergänzt hat, folgen nur einem Ziel. Es geht darum, den Alltag von IT-Verantwortlichen in mittelständischen Unternehmen und Managed-Security-Providern (MSP), die diesen mit Rat und Tat zur Seite stehen, zu vereinfachen. Die neuen…
-
Popular npm Package Compromised in Phishing Attack
An incident involving the npm package eslint-config-prettier has been uncovered spreading Scavenger RAT First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/popular-npm-package-compromised-in/
-
How Evolving RATs Are Redefining Enterprise Security Threats
A more unified and behavior-aware approach to detection can significantly improve security outcomes. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/evolving-rats-redefine-enterprise-security-threats
-
Lazarus Hackers Use Fake Camera/Microphone Alerts to Deploy PyLangGhost RAT
North Korean state-sponsored threat actors associated with the Lazarus Group, specifically the subgroup known as Famous Chollima, have evolved their tactics by deploying a new Python-based remote access trojan (RAT) dubbed PyLangGhost. This malware represents a reimplementation of the earlier GoLangGhost RAT, exhibiting code structures indicative of AI-assisted porting, including Go-like logic patterns and extensive…
-
Discord CDN Link Abused to Deliver RAT Disguised as OneDrive File
Hackers are installing multiple RMMs like Atera and Splashtop in a new malware attack. This article details the abuse of Discord CDN link andn fake OneDrive phishing campaign discovered by Sublime Security. First seen on hackread.com Jump to article: hackread.com/discord-cdn-link-deliver-rat-disguised-onedrive-file/
-
PlayPraetor Android RAT expands rapidly across Spanish and French-speaking regions
PlayPraetor Android RAT has hit 11K+ devices, spreading fast via campaigns targeting Spanish and French speakers, say Cleafy researchers. Cleafy researchers have identified a new Android RAT called PlayPraetor, which has infected over 11,000 devices, mainly in Portugal, Spain, France, Morocco, Peru, and Hong Kong. The malware is spreading rapidly, with more than 2,000 new…
-
SAP NetWeaver Vulnerability Used in Auto-Color Malware Attack on US Firm
Darktrace uncovers the first exploit of a critical SAP NetWeaver vulnerability (CVE-2025-31324) to deploy Auto-Color backdoor malware. Learn how this evasive Linux RAT targets systems for remote code execution and how AI-powered defence thwarts multi-stage attacks. First seen on hackread.com Jump to article: hackread.com/sap-netweaver-vulnerability-auto-color-malware-us-firm/
-
Auto-Color RAT targets SAP NetWeaver bug in an advanced cyberattack
Tags: access, ai, attack, cvss, cyberattack, cybersecurity, detection, dns, flaw, malicious, malware, network, rat, sap, update, vulnerability, zero-trustThe attack stopped in its tracks: Darktrace analysts detected the suspicious ELF download and a flurry of odd DNS and SSL connections to known malicious infrastructure. The British cybersecurity outfit claims its “Autonomous Response” intervened within minutes, restricting the device to its usual, legitimate activities while analysts investigated unusual behavior.Darktrace researchers said the malware stalled…
-
‘It looks sexy but it’s wrong’ the problem with AI in biology and medicine
The case of the improbably well-endowed rat First seen on theregister.com Jump to article: www.theregister.com/2025/07/27/biomedviz_ai_wrong_problems/
-
Seeing is believing in biomedicine, which isn’t great when AI gets it wrong
‘It looks sexy but it’s wrong’ – like the improbably well-endowed rat First seen on theregister.com Jump to article: www.theregister.com/2025/07/27/biomedviz_ai_wrong_problems/
-
Russian-Aligned Hive0156 Escalates Remcos RAT Attacks on Ukrainian Government Military
The post Russian-Aligned Hive0156 Escalates Remcos RAT Attacks on Ukrainian Government Military appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/russian-aligned-hive0156-escalates-remcos-rat-attacks-on-ukrainian-government-military/