Cybercrime, Nobelium exploits a new custom malware: Ceeloader
Mandiant cybersecurity experts: The APT (aka UNC2452) also shows two distinct clusters of activity, UNC3004 and UNC2652.
Cybercrime, also Linux has its Cobalt Strike Beacon version
Intezer cybersecurity experts spotted the new malware in August and dubbed it Vermilion Strike. It has been actively used in attacks targeting organizations.
Cybercrime, Conti attacks healthcare and first responder networks
The FBI cybersecurity experts: The ransomware hit at least 16 specific targets. The malware steals victims’ files and encrypts the servers to force a ransom payment.
Cybercrime, Hello ransomware uses China Chopper web shell vulnerability
Trend Micro cybersecurity experts: The malware (aka WickrMe) arrives via the CVE-2019-0604. Then, the threat actors exploit web shell to download Cobalt Strike.
Cybercrime, new Hancitor campaign via email attachment
The doc file starts malware infection thanks to the internal dll. The trojan is used as a downloader of other payloads such as Cobalt Strike and Ursnif / Gozi.
Cybercrime, ransomware actors deploy SystemBC as a backdoor
Sophos cybersecurity experts: It has being used for communications, data exfiltration and the download and execution of malicious modules.
Cybercrime, WebLogic Servers vulnerability used to install Cobalt Strike
SANS cybersecurity experts: Campaign exploits a chain of Powershell obfuscated scripts to download the malware. Probably it’s the work of a ransomware gang.
Cybercrime, Sodinokibi attackers leverage Cobalt Strike and scan for POS
Symantec cyber security experts spotted a ransomware campaign which exploits legitimate tools and both malware to earn big profits from large-multinational companies.
Cybercrime spread BazarBackdoor trojan via Sendgrid
The cyber security experts: The malware is sent through a phishing campaign by TrickBot authors with different lures. Moreover, after a period of time, it installs Cobalt Strike on infected computer.
Cybercrime spread PyXie RAT to steal credentials and passwords
Cylance cyber security experts: The new malware targets a wide range of industries. It has been seen in conjunction with Cobalt Strike beacons and a downloader that has similarities to Shifu.