CVE-2024-21412: DarkGate Operators Exploit Microsoft Windows SmartScreen Bypass in Zero-Day Campaign (www.trendmicro.com)
The Zero Day Initiative (ZDI) recently uncovered a DarkGate campaign in mid-January 2024 that exploited CVE-2024-21412 through the use of fake software installers. During this campaign, users were lured using PDFs that contained open redirects from Google DoubleClick Digital...
Multistage RA World Ransomware Uses Anti-AV Tactics, Exploits GPO (www.trendmicro.com)
IoCs list: www.trendmicro.com/content/…/ioc-ra-world.txt...
Earth Preta Campaign Uses DOPLUGS to Target Asia (www.trendmicro.com)
The Linux Threat Landscape Report - Security News (www.trendmicro.com)
Malvertising Used as Entry Vector for BlackCat Actors Also Leverage SpyBoy Terminator (www.trendmicro.com)
We found that malicious actors used malvertising to distribute malware via cloned webpages of legitimate organizations. The distribution involved a webpage of the well-known application WinSCP, an open-source Windows application for file transfer. We were able to identify that this activity led to a BlackCat (aka ALPHV)...