Summary:

Cado Security Labs has uncovered a GuLoader campaign targeting European industrial and engineering firms, utilizing evasive techniques to deliver Remote Access Trojans (RATs) through spearphishing emails. The campaign employs obfuscated PowerShell scripts and sophisticated evasion methods to bypass detection.

Key points:

GuLoader is an evasive shellcode downloader used since 2019.…
Introduction

Cado Security Labs researchers have recently encountered an emerging malware campaign targeting misconfigured servers running the following web-facing services:

The campaign utilises a number of unique and unreported payloads, including four Golang binaries, that serve as tools to automate the discovery and infection of hosts running the above services.…

Facebook advertisers in Vietnam have been the target of a previously unknown information stealer dubbed VietCredCare since at least August 2022. The malware is “notable for its ability to automatically filter out Facebook session cookies and credentials stolen from compromised devices, and assess whether these accounts manage business profiles and if they maintain a positive Meta ad credit…

The Hacker News

https://www.group-ib.com/blog/vietcredcare-stealer/…

Introduction

Cado Security Labs researchers have recently encountered a novel malware campaign targeting Redis for initial access. Whilst Redis is no stranger to exploitation by Linux and cloud-focused attackers, this particular campaign involves the use of a number of novel system weakening techniques against the data store itself. …
