Threat actors are increasingly making use of GitHub for malicious purposes through novel methods, including abusing secret Gists and issuing malicious commands via git commit messages. “Malware authors occasionally place their samples in services like Dropbox, Google Drive, OneDrive, and Discord to host second stage malware and sidestep detection tools,” ReversingLabs researcher Karlo Zanki said […]
North Korean threat actors behind two major macOS-targeting malware strains of 2023 — RustBucket and KandyKorn — have been found mixing the elements of these disparate attacks to evade detection, according to a SentinelOne study. The new technique leverages the RustBucket dropper, SwiftLoader, to deliver the KandyKorn remote access trojan (RAT) payload. Read More
The China-linked Mustang Panda actor has been linked to a cyber attack targeting a Philippines government entity amid rising tensions between the two countries over the disputed South China Sea. Palo Alto Networks Unit 42 attributed the adversarial collective to three campaigns in August 2023, primarily singling out organizations in the South Pacific. “The campaigns […]
Latest Comments