Attackers are compromising email accounts to launch real estate scams, targeting individuals seeking rental properties.
Category: Threat Hunt
Double-Tap Campaign by UAC-0063
The threat actor is conducting a spearphishing campaign to deliver malicious attachments, maintain persistence, and establish command and control.
Hunting all around for TA397 RATs
Attackers are using phishing emails to deliver malicious attachments that gather system information and exfiltrate it to a remote server.
Hunting FLUX#CONSOLE
Attackers are exploiting vulnerabilities in Microsoft Management Console (MMC) snap-in files to execute malicious code.
Hunt 4 Glutton PHP Backdoor and Round
The attacker may have used the malware to check for antivirus-related processes running in the system.
Hunt 4 DarkGate Vish
The attacker may have used the malware to check for antivirus-related processes running in the system.
Hunt 4 Malicious Check of AV Processes
The attacker may have used the malware to check for antivirus-related processes running in the system.
Hunt 4 SectopRAT
The attacker may have left unsecured credentials in the registry, which could be used for persistence and lateral movement.
Hunting 4 PhantomCore RAT
The attacker is using spearphishing emails with malicious attachments to deliver malware, which then establishes command and control and collects system information.
Hunt 4 Zloader Trojan – DNS Tunneling
Attackers are using hidden files and directories to evade detection and maintain persistence within the environment.