snabelen.no

formuchdeliberationUnit 42, the research team at Palo Alto Networks, has identified a new malicious campaign targeting many financial organizations across Africa... <a href="https://mastodon.world/tags/unit42" class="mention hashtag" rel="nofollow noopener" target="_blank">#unit42</a> <a href="https://mastodon.world/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#cybersecurity</a> <a href="https://mastodon.world/tags/paloaltonetworks" class="mention hashtag" rel="nofollow noopener" target="_blank">#paloaltonetworks</a> <a href="https://mastodon.world/tags/hackers" class="mention hashtag" rel="nofollow noopener" target="_blank">#hackers</a> <a href="https://mastodon.world/tags/africabusiness" class="mention hashtag" rel="nofollow noopener" target="_blank">#africabusiness</a> <a href="https://mastodon.world/tags/technology" class="mention hashtag" rel="nofollow noopener" target="_blank">#technology</a> <a href="https://mastodon.world/tags/business" class="mention hashtag" rel="nofollow noopener" target="_blank">#business</a> <a href="https://mastodon.world/tags/finance" class="mention hashtag" rel="nofollow noopener" target="_blank">#finance</a> <a href="https://mastodon.world/tags/infosecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#infosecurity</a> <a href="https://mastodon.world/tags/technews" class="mention hashtag" rel="nofollow noopener" target="_blank">#technews</a> <a href="https://www.infosecurity-magazine.com/news/hackers-financial-businesses-africa/" rel="nofollow noopener" translate="no" target="_blank">https://www.infosecurity-magazine.com/news/hackers-financial-businesses-africa/</a>

OTX BotDarkCloud Stealer: Comprehensive Analysis of a New Attack Chain That Employs AutoItUnit 42 researchers have identified a series of attacks distributing DarkCloud Stealer, an information-stealing malware that has been active since 2022. The latest attack chain incorporates AutoIt to evade detection and uses a file-sharing server to host the malware. The infection process begins with a phishing email containing a RAR archive or a PDF that downloads the archive. The archive contains an AutoIt-compiled executable that decrypts and executes the final DarkCloud Stealer payload. The malware steals sensitive data including browser passwords, credit card information, and email client credentials. It employs anti-analysis techniques and achieves persistence through registry modifications. The campaign has targeted various sectors, with a focus on government organizations, particularly in Poland.Pulse ID: 6824cbccc06b226e68c5b4b5 Pulse Link: <a href="https://otx.alienvault.com/pulse/6824cbccc06b226e68c5b4b5" rel="nofollow noopener" translate="no" target="_blank">https://otx.alienvault.com/pulse/6824cbccc06b226e68c5b4b5</a> Pulse Author: AlienVault Created: 2025-05-14 16:58:52Be advised, this data is unverified and should be considered preliminary. Always do further verification.<a href="https://social.raytec.co/tags/Autoit" class="mention hashtag" rel="nofollow noopener" target="_blank">#Autoit</a> <a href="https://social.raytec.co/tags/Browser" class="mention hashtag" rel="nofollow noopener" target="_blank">#Browser</a> <a href="https://social.raytec.co/tags/Cloud" class="mention hashtag" rel="nofollow noopener" target="_blank">#Cloud</a> <a href="https://social.raytec.co/tags/CreditCard" class="mention hashtag" rel="nofollow noopener" target="_blank">#CreditCard</a> <a href="https://social.raytec.co/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#CyberSecurity</a> <a href="https://social.raytec.co/tags/Email" class="mention hashtag" rel="nofollow noopener" target="_blank">#Email</a> <a href="https://social.raytec.co/tags/FileSharing" class="mention hashtag" rel="nofollow noopener" target="_blank">#FileSharing</a> <a href="https://social.raytec.co/tags/Government" class="mention hashtag" rel="nofollow noopener" target="_blank">#Government</a> <a href="https://social.raytec.co/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#InfoSec</a> <a href="https://social.raytec.co/tags/Malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#Malware</a> <a href="https://social.raytec.co/tags/OTX" class="mention hashtag" rel="nofollow noopener" target="_blank">#OTX</a> <a href="https://social.raytec.co/tags/OpenThreatExchange" class="mention hashtag" rel="nofollow noopener" target="_blank">#OpenThreatExchange</a> <a href="https://social.raytec.co/tags/PDF" class="mention hashtag" rel="nofollow noopener" target="_blank">#PDF</a> <a href="https://social.raytec.co/tags/Password" class="mention hashtag" rel="nofollow noopener" target="_blank">#Password</a> <a href="https://social.raytec.co/tags/Passwords" class="mention hashtag" rel="nofollow noopener" target="_blank">#Passwords</a> <a href="https://social.raytec.co/tags/Phishing" class="mention hashtag" rel="nofollow noopener" target="_blank">#Phishing</a> <a href="https://social.raytec.co/tags/Poland" class="mention hashtag" rel="nofollow noopener" target="_blank">#Poland</a> <a href="https://social.raytec.co/tags/RAT" class="mention hashtag" rel="nofollow noopener" target="_blank">#RAT</a> <a href="https://social.raytec.co/tags/Unit42" class="mention hashtag" rel="nofollow noopener" target="_blank">#Unit42</a> <a href="https://social.raytec.co/tags/Word" class="mention hashtag" rel="nofollow noopener" target="_blank">#Word</a> <a href="https://social.raytec.co/tags/bot" class="mention hashtag" rel="nofollow noopener" target="_blank">#bot</a> <a href="https://social.raytec.co/tags/AlienVault" class="mention hashtag" rel="nofollow noopener" target="_blank">#AlienVault</a>

Nylige søk

Alternativer for søk

Administrert av:

Serverstatistikk:

#unit42