DeepLoad exploits ClickFix and WMI persistence to steal credentials, enabling stealth reinfection after three days.
An analysis of threats encountered by four organizations has identified the most common techniques used by attackers to compromise systems, infiltrate networks, and steal data, according to data ...
Skilled attackers continually seek out new attack vectors, while employing evasion techniques to maintain the effectiveness of old vectors, in an ever-changing defensive landscape. Many of these ...
An unknown PowerShell backdoor has been discovered alongside a new variant of the Zloader/SilentNight malware, Walmart’s Cyber Intelligence Team has reported. The PowerShell backdoor has been ...
The multi-stage campaign targeting South Korea uses weaponized Windows shortcuts and GitHub-based command and control to ...
A series of malicious LNK files targeting users in South Korea has been detected, employing a multi-stage attack chain that relies on GitHub as command and control (C2) infrastructure.