Topic: command execution
- Russian APT28 Deploys 'NotDoor' Backdoor to Target Microsoft Outlook
A new sophisticated backdoor called NotDoor, attributed to Russian state-aligned group APT28, targets Microsoft Outlook to exfiltrate data and execute remote commands. The malware uses obfuscated VBA code and triggers from specific email phrases to deploy malicious actions, while employing evasio...
- Legit Tools Turned Malicious: Velociraptor and Nezha Weaponized
Legitimate open-source tools Velociraptor and Nezha are being weaponized by threat actors to maintain access, evade detection, and deploy ransomware or malware on enterprise systems. A China-linked ransomware group exploited an outdated Velociraptor version with a privilege escalation flaw to dep...