lazarusholic · @lazarusholic
2 followers · 34 posts · Server infosec.exchange

"Kimsuky group distributing QuasarRAT disguised as an 'Application for Confirmation of Intent to Divorce by Mutual Consent'!" published by ESTSecurity. blog.alyac.co.kr/5103

#kimsuky #quasarrat #cti #osint #lazarus

Last updated 2 years ago

IAintShootinMis · @iaintshootinmis
462 followers · 582 posts · Server digitaldarkage.cc

Today's included discussion about being propagated via malicious .one files.

I broke down the anatomy of this attack here and offer some free and effective mitigations to help prevent this.


justinmcafee.com/2023/01/malic

#newsyoushouldknow #quasarrat #onenote #blueteam #defenders #threat #infosec #threatintel

Last updated 2 years ago

How hard is it to upload malware on Google API (firebase) and abuse it?

Not much, just base64 first and then reverse it, and you get a Google API link for your malware stager which many products will not cover.

Live firebase link serving malware as of now (this is from a real campaign, not POC)

hxxps[://]firebasestorage[.]googleapis[.]com/v0/b/dsadsa-4c70a[.]appspot[.]com/o/apgtoo[.]txt?alt=media&token=f07d9c0f-39f0-44d3-a984-21cfc695edf0


cc @SwiftOnSecurity @Myrtus

#quasarrat #malware #infosec #cybersecurity

Last updated 2 years ago

KrknSec · @krknsec
27 followers · 28 posts · Server infosec.exchange

Anyone have a config extractor script for ? I couldn't find one online. I made one but it seems a bit complicated/too many moving parts so I wanted to see if there was a better/easier way that I couldn't figure out. I'm not great with config extractors for .NET malware yet.

#quasarrat

Last updated 2 years ago

ITSEC News · @itsecbot
856 followers · 32557 posts · Server schleuss.online

Malicious campaign uses a barrage of commodity RATs to target Afghanistan and India - Cisco Talos recently discovered a threat actor using political and government-them... feedproxy.google.com/~r/feedbu

#rats #dcrat #maldoc #securex #quasarrat #crimeware

Last updated 3 years ago

ITSEC News · @itsecbot
687 followers · 32461 posts · Server schleuss.online