Τι είναι το MeshAgent: Το MeshAgent είναι ένα λογισμικό που επιτρέπει στους χρήστες να διαχειρίζονται απομακρυσμένα τα τερματικά συστήματα συνδεόμενοι σε έναν ανοιχτού πηγαίου κώδικα διακομιστή διαχείρισης απομακρυσμένων συστημάτων που ονομάζεται MeshCentral. Οι χρήστες μπορούν να εγκαταστήσουν το MeshAgent σε τερματικά συστήματα Windows, Linux, macOS και FreeBSD. Το MeshAgent δεν είναι κατ’ αρχήν κακόβουλο, αλλά […]
Τι είναι το Vidar infostealer : Το Vidar infostealer είναι ένα κακόβουλο λογισμικό που κλέβει ευαίσθητες πληροφορίες από πορτοφόλια κρυπτονομισμάτων, web browsers και άλλες εφαρμογές όπως το WinSCP, το Telegram και το Authy 2FA σε μολυσμένα συστήματα Windows. Μπορεί να συλλέξει αποθηκευμένα διαπιστευτήρια, πληροφορίες σχετικά με το υικό και το λογισμικό στα μολυσμένα συστήματα. Το […]
What is Venom Rat: Venom RAT is a remote access tool that targets Windows operating systems and allows attackers to gain full access and remote control of the victims' machines. It is typically distributed as malicious attachments in unwanted email messages, malicious advertisements, and other social engineering techniques. The main purpose [...]
What is Black Basta: Black Basta is a ransomware that emerged in April 2022, primarily targeting businesses. It has been observed that the ransomware appends the ".basta" extension to encrypted files. Common infection vectors for Black Basta include phishing attacks, torrent websites, and adware. The ransomware has two variants [...]
What is BlackCat Ransomware: BlackCat (also known as ALPHV, Noberus) was first detected in November 2021 and is considered one of the most advanced and threatening types of malware in 2021 and 2022. However, towards the end of 2022, the number of computers infected by BlackCat decreased by 28% [...]
Cobalt Strike is a red team control and command tool used for adversary simulation. Due to its capabilities and flexibility, it has gained wide acceptance among red teamers as well as malicious actors. Many threat actors such as APT29, APT32, APT41, APT19, UNC2452, FIN6 use illegal (cracked) versions of Cobalt Strike in their attacks.
Lockbit 3.0 ransomware : Lockbit is considered one of the most notorious and active ramsomware . Lockbit Ransomware uses a variety of techniques to target critical infrastructure and organizations around the world. Lockbit ransomware attacks primarily target devices running Windows operating system, using multiple techniques to initially [...]
Introduction: It is known that malware uses the services of the Windows operating system to achieve the attacker's desired goals. For example, a service of the Windows operating system, such as Vssadmin, can be used by ransomware to prevent the system from being restored from backup copies.
The Follina (CVE-2022-30190) is a zero-day vulnerability in Microsoft Office that was discovered on May 27, 2022. It is a high-severity vulnerability that hackers can exploit for remote code execution (RCE) attacks. Remote code execution (RCE) refers to a category of cyber attacks where the attackers execute code on a targeted system remotely, without having physical access to it.
What is Sysjoker: Sysjoker is a malicious backdoor software that was first discovered in December 2021 by Intezer. It is sophisticated and written in C++. Sysjoker is a multi-platform malicious software that targets Windows, Linux, and macOS operating systems. Common attacks involving Sysjoker include email attachments, malicious...