Analysis of Redline Infostealer Campaign
Redline Stealer is a highly effective form of malware that is designed to steal sensitive information from infected systems. It was first discovered in 2018 that it can cause significant harm to...
What’s the CVE-2017-0199 Exploit?
The way Microsoft Office and WordPad parse specially crafted files results in a remote code execution vulnerability. An attacker who successfully exploits this vulnerability could gain access of highest privilege to the system. After that, an attacker could install additional tools to view, change, or delete data, or create new accounts with full administrative rights.
To exploit this vulnerability, a user must open or preview a specially crafted file using an affected version of Microsoft Office or WordPad. An attacker could exploit the vulnerability in an email attack scenario by sending a specially crafted file to the user and then convincing the user to open the file.
Redline Stealer is a highly effective form of malware that is designed to steal sensitive information from infected systems. It was first discovered in 2018 that it can cause significant harm to...
Agent Tesla is a password-stealer and remote access trojan that collects information about the actions of its victims by eavesdropping on keystrokes and user interactions. It is marketed as...
AsyncRAT (Asynchronous Remote Access Trojan) is an open source remote administration malware that enables an attacker to take control of a victim's computer. It is a powerful tool that allows the...
In the previous post, we have seen the Agent Tesla malware has infected its victims by using .PS1 Powershell script to invoke the web request from the Blacklisted IPs. Agent Tesla’s successful...
Cobalt Strike is a popular penetration testing tool that allows users to emulate advanced threats, perform reconnaissance, hide communications, escalate privileges, move laterally across the...
Qakbot (aka Qbot or Pinkslipbot) is a banking trojan, which steals sensitive data from the targeted victims and attempts to self-propagate to other systems on the network. As we all know,...
QuasarRAT (aka: CinaRAT, Yggdrasil) is a well-known open-source remote access trojan (RAT) that has been widely spread in the wild which is developed using the C# programming language and also as...
Remcos RAT, also known as Remote Control and Surveillance RAT, is a remote access Trojan (RAT) that enables attackers to take control and get unauthorised access to a victim's computer. Malicious...
Lorenz is a human operated ransomware group that targets global organizations. To pressurize the victim, the malware operator threatens the user to leak data online if the ransom is not paid. The...
Qakbot (aka Qbot or Pinkslipbot) is a banking trojan, which steals sensitive data from the targeted victims and attempts to self-propagate to other systems on the network. As we all know,...