Topic: powershell scripts

  • Russian Hackers Hide Malware in Linux VMs Using Hyper-V

    The Russian cyber-espionage group Curly COMrades uses Microsoft's Hyper-V to hide malware in concealed Linux virtual machines, evading standard security measures and targeting entities aligned with Russian interests. Attackers deploy a minimal Alpine Linux VM hosting custom tools like CurlyShell ...

  • Akira Ransomware Hijacks Victim's Remote Management Tool

    Hackers used the trusted Datto RMM tool and a Living Off The Land strategy to deploy Akira ransomware, disguising their actions as normal IT operations to avoid detection. The attack was halted by Barracuda Managed XDR, which detected the encryption activity and immediately isolated the compromis...

  • Inside the Qilin Ransomware Investigation

    Security analysts must creatively piece together limited digital evidence from various sources to reconstruct cyberattacks, as investigations are often complicated by incomplete visibility and delayed tool deployment. In a Qilin ransomware case, investigators used antivirus alerts and Windows log...

  • EntraGoat: Simulate Identity Security Risks in Microsoft Entra ID

    EntraGoat is an open-source tool that simulates real-world vulnerabilities in Microsoft Entra ID environments, enabling hands-on learning without affecting live systems. The platform offers self-contained test environments with privilege escalation scenarios, guided walkthroughs, and interactive ...

  • GitHub Abused in Malware-as-a-Service Attack Campaign

    Security researchers found a malware campaign using GitHub repositories to distribute threats like SmokeLoader and AsyncRAT via a malware-as-a-service model, linked to the Amadey botnet and Emmenhtal loaders. Attackers shifted from phishing emails to hosting malicious scripts on GitHub, exploitin...

  • Experts: Uninstall These 12 Windows Apps Now

    Bloatware on new Windows computers slows system performance by consuming resources and raises privacy concerns through data collection. Many pre-installed applications, like promotional games and redundant tools, are safe to remove to reclaim storage and streamline the system. Specific apps such ...
