ObliqueRAT, Maldocs

ObliqueRAT Attacks Organizations in Southeast Asia Using Maldocs

ObliqueRAT, a new remote access Trojan (RAT), is delivered to targeted organizations in Southeast Asia via malicious Microsoft Office documents (maldocs), Cisco Talos says. Cisco Talos researchers have discovered a new malicious RAT, tracked as ObliqueRAT, which seems to have been developed to attack government organizations and diplomatic targets, particularly organizations in Southeast Asia. The ongoing…

Zebrocy attack detection rule via SPL

Get Your Shield Against Zebrocy Attack: Russian APT group detection with SPL Rule in your environment

Zebrocy is a Russian APT that shares similarities and overlaps with both the Sofacy and BlackEnergy APTs. Recently “Zebrocy spearphished a fairly long list of targets throughout the world with a new Nim downloader,” according to Kaspersky Lab researchers. This rule can detect Zebrocy based on its behavior and some IOCs containing hash, IP and…

DoppelPaymer Ransomware

DoppelPaymer Ransomware Operators Have Launched a Website to Publish Victims’ Stolen Data if a Ransom Is Not Paid

DoppelPaymer operators have launched the “Dopple” website to leak the stolen information of victims who refuse to pay a ransom. The operators said they created this website to threaten victims: if they refuse to pay, their information, such as their names and important corporate data, will be leaked on the site. The operators claim…

Raccoon malware

Raccoon Malware Steals Data From Nearly 60 Apps

Researchers from CyberArk have discovered an infostealing malware, relatively new on cybercriminal forums, that can extract sensitive data from about 60 applications on a targeted computer. The operators behind the “Raccoon” infostealer Trojan have added new capabilities to this malware-as-a-service offering, which was first observed in the wild almost a year ago.…