Perfctl Campaign Exploits Millions of Linux Servers for Crypto Mining and Proxyjacking

Category / Details. Threat Actors: Perfctl (undisclosed group behind the malware campaign targeting Linux servers). Campaign Overview: Campaign targeting Linux servers…

British hospital group declares ‘major incident’ following cyberattack

Category / Details. Threat Actors: Not disclosed, but linked to cybercriminals who have targeted the UK's…

Detecting WiFi dumping via direct WinAPI calls and introduction to “Immutable Artifacts”

Aspect / Details. Challenge: Traditional detections rely on mutable artifacts (e.g., netsh.exe usage). Goal: Identify immutable artifacts generated during WiFi credential…

CosmicSting: A Critical XXE Vulnerability in Adobe Commerce and Magento (CVE-2024-34102)

Category / Details. Threat Actors: Not explicitly mentioned. Campaign Overview: Exploits "CosmicSting" vulnerability (CVE-2024-34102) in Adobe Commerce and Magento, targeting e-commerce…

Critical QNAP Vulnerabilities in Notes Station 3 and QuRouter Demand Immediate Patching (CVE-2024-38645, CVE-2024-38643, CVE-2024-48860)

Category / Details. Products Affected: Notes Station 3 (v3.9.x), QuRouter (v2.4.x and earlier), QuLog Center, AI Core, QTS, QuTS…

OSINT Updates for November 25, 2024

https://twitter.com/UKikaski/status/1861015093703532971 On Monday, November 25, Iran's Supreme Leader Ayatollah Ali Khamenei called for the…

South Asian hackers target Pakistani entities in new espionage campaign

Category / Details. Threat Actors: Mysterious Elephant (also tracked as APT-K-47), likely originating from South Asia.…

Perfctl Campaign Exploits Millions of Linux Servers for Crypto Mining and Proxyjacking

Category / Details. Threat Actors: Perfctl campaign (attributed to an unknown threat actor targeting Linux servers). Campaign Overview: Exploits Linux servers…

New SteelFox Trojan mimics software activators, stealing sensitive data and mining cryptocurrency

Category / Details. Threat Actors: Unattributed (Crimeware authors behind "SteelFox"). Campaign Overview: SteelFox crimeware bundle distributed via malicious torrents and forums,…

ElizaRAT
Cloudy With a Chance of RATs: Unveiling APT36 and the Evolution of ElizaRAT

Category / Details. Threat Actors: APT36 (Transparent Tribe). Campaign Overview: Targeting Indian government organizations, diplomatic personnel, and military facilities. Focus on…