TA402 Group using Weaponized XLL and RAR Files to Deliver Malware | allinfosecnews.com

Nov. 16, 2023, 5:22 a.m. | Eswar

GBHackers On Security gbhackers.com

Researchers have discovered a new phishing campaign that targets Middle Eastern and North African Government Entities to deliver a new initial access downloader termed “IronWind.” This downloader is followed by additional payload stages, which downloads a shellcode. Most campaigns were using Dropbox links, which then evolved to using XLL and RAR file attachments to evade […]

The post TA402 Group using Weaponized XLL and RAR Files to Deliver Malware appeared first on GBHackers on Security | #1 Globally Trusted Cyber …

access campaign campaigns computer security deliver malware downloads dropbox entities files government initial access ironwind links malware north payload phishing phishing campaign rar rar files researchers shellcode ta402 xll

More from gbhackers.com / GBHackers On Security

ELLIO and ntop partnership to boost high-speed network traffic monitoring with real-time data on opportunistic … 1 day, 23 hours ago | gbhackers.com

applications attacks botnets commercial +16

LilacSquid Hackers Attacking IT Industries To Harvest Confidential Data 2 days ago | gbhackers.com

access advanced persistent threat can cisco +29

FlyingYeti Exploits WinRAR Vulnerability For Targeted Malware Attacks 2 days ago | gbhackers.com

actor attacks cve cybersecurity threats +23

Hackers Weaponizing MS Office-Cracked Versions to Deliver Malware 2 days ago | gbhackers.com

attackers changing commands cracked +23

DDoS-as-a-Service Botnet Backed by Mirai Attacking Gaming Community 2 days ago | gbhackers.com

as-a-service attacks botnet botnets +19

Hackers Exploiting Stored XSS Vulnerabilities in WordPress Plugins 2 days, 1 hour ago | gbhackers.com

attackers cross-site cve cve-2023-40000 +25

VirusTotal Celebrates 20th Anniversary, What’s Next? 2 days, 4 hours ago | gbhackers.com

20th anniversary anniversary cyber security cybersecurity +16

Beware of Fake Browser Updates That Deliver Bitrat & Lumma Stealer 2 days, 6 hours ago | gbhackers.com

attackers breaches browser campaign +24

Progress Telerik Report Server Flaw Let Attackers Bypass Authentication 3 days ago | gbhackers.com

attackers authentication authentication bypass bypass +13

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland

View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City

View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL

View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US

View on infosec-jobs.com

Security Compliance Strategist

@ Grab | Petaling Jaya, Malaysia

View on infosec-jobs.com

Cloud Security Architect, Lead

@ Booz Allen Hamilton | USA, VA, McLean (1500 Tysons McLean Dr)

View on infosec-jobs.com