Google Cloud offers good news and bad news on Log4Shell, other issues

Written by AJ Vicens | Feb 15, 2022 | CYBERSCOOP

Google Cloud is seeing 400,000 scans per day for systems vulnerable to the Log4Shell bug, the company said Tuesday. The findings…

Cobalt Strike Is Being Installed by Emotet for Faster Attacks

Emotet belongs to the malware strain known as banking Trojans, and it primarily spreads through malspam. The messages used by Emotet often contain familiar branding, mimicking the email format of well-known…

Emotet Is Dropping Cobalt Strike

Emotet is a virus infection that is propagated by spam email attachments that contain malicious Word or Excel documents. These documents utilize macros to download and install the Emotet Trojan…

Clop Ransomware Exploits SolarWinds Serv-U Flaw

The CVE-2021-35211 remote code execution vulnerability in Serv-U Managed File Transfer and Serv-U Secure FTP allows a remote threat actor to execute instructions on a susceptible server with elevated privileges.…

Harvester Malicious Group Is Going After Telcos

Researchers noticed a previously unknown state-sponsored actor that seems to be using a unique combination of tools in cyberattacks against South Asian telecommunications providers and IT corporations. The cybercrime group’s…

Decoding Cobalt Strike: Understanding Payloads

Avast – Intro: Cobalt Strike threat emulation software is the de facto standard closed-source/paid tool used by infosec teams in many governments, organizations and companies. It is also…

Backdoored Client from Mongolian CA MonPass

Avast – We discovered an installer downloaded from the official website of MonPass, a major certification authority (CA) in Mongolia in East Asia that was backdoored with Cobalt…