According to cybersecurity provider Cyble, a new sophisticated malicious campaign is using an undetected Cerberus Android banking Trojan payload. In a new report published on 14 October 2024, Cyble Research and Intelligence Labs (CRIL, https://cyble.com) identified 15 malicious samples posing as Chrome and Play Store apps from mid-September through the end of October. These samples use a multi-stage dropper to deploy a banking Trojan payload, which was found to be leveraging the Cerberus banking
keylogging (3)
FortiGuard Labs researchers recently captured a phishing campaign that spreads a new Agent Tesla variant. This well-known malware family uses a .NET-based Remote Access Trojan (RAT) and data stealer to gain initial access. It is often used for Malware-as-a-Service (MaaS).
An in-depth analysis of this campaign was performed, from the initial phishing email to the actions of Agent Tesla installed on the victim’s machine to collect sensitive information from the affected device. In this analysis, y
An adversary known for targeting the Financial Cyber Sector since at least 2018 has switched up its tactics to include a new Python-based remote access Trojan (RAT).[1] This RAT can steal passwords, documents, browser cookies, email credentials, software licenses, credentials for trading software/platforms, customer credit card information, proof of address/identity documents, and other sensitive information. The group is suspected of offering APT-style hacker-for-hire services to o