Browsing tag

PowerShell malware

Russian Gamaredon Hackers Target Ukrainian Government Using Info-Stealing Malware

An ongoing espionage campaign operated by the Russia-linked Gamaredon group is targeting employees of Ukrainian government, defense, and law enforcement agencies with a piece of custom-made information-stealing malware. “The adversary is using phishing documents containing lures related to the Russian invasion of Ukraine,” Cisco Talos researchers Asheer Malhotra and Guilherme Venere said in a […]

Researchers uncover PowerShell Trojan that uses DNS queries to get its orders

Delivered by “secure” Word doc, pure PowerShell malware fetches commands from DNS TXT records. Researchers at Cisco’s Talos threat research group are publishing research today on a targeted attack delivered by a malicious Microsoft Word document that goes to great lengths to conceal its operations. Based entirely on Windows PowerShell scripts, the remote access tool […]

Microsoft PowerShell — Hackers’ New Favorite Tool For Coding Malware

Short Bytes: You might not know, but PowerShell, the ubiquitous force running behind the Windows environment, is slowly becoming a secure way for the attackers to hide their malicious activities. Unfortunately, at the moment, there’s no technical method of distinguishing between malicious and good PowerShell source code. In a new report, it has been discovered […]