ModernLoader delivers multiple stealers, cryptominers and RATs | allinfosecnews.com

Aug. 30, 2022, noon | Vanja Svajcer (noreply@blogger.com)

Cisco Talos Intelligence Group - Comprehensive Threat Intelligence blog.talosintelligence.com

By Vanja Svajcer

Cisco Talos recently observed three separate, but related, campaigns between March and June 2022 delivering a variety of threats, including the ModernLoader bot, RedLine information-stealer and cryptocurrency-mining malware to victims.

The actors use PowerShell, .NET assemblies, and HTA and VBS files to spread across a targeted network, eventually dropping other pieces of malware, such as the SystemBC trojan and DCRAT, to enable various stages of their operations. The attackers' use of a variety of off-the-shelf tools makes …

cryptominers dcrat modernloader redline securex threats

More from blog.talosintelligence.com / Cisco Talos Intelligence Group - Comprehensive Threat Intelligence

What can we learn from the passwords used in brute-force attacks? 1 day, 2 hours ago | blog.talosintelligence.com

attacks brute brute-force can +5

Vulnerabilities in employee management system could lead to remote code execution, login credential theft 2 days, 4 hours ago | blog.talosintelligence.com

code code execution credential credential theft +21

Cisco Talos at RSAC 2024 3 days, 8 hours ago | blog.talosintelligence.com

announcements cisco cisco talos cybersecurity +12

James Nutland studies what makes threat actors tick, growing our understanding of the current APT … 4 days, 8 hours ago | blog.talosintelligence.com

adversary apt can current +14

The private sector probably isn’t coming to save the NVD 1 week, 1 day ago | blog.talosintelligence.com

arcanedoor coming cybercrime isn +9

Talos IR trends: BEC attacks surge, while weaknesses in MFA persist 1 week, 1 day ago | blog.talosintelligence.com

adversaries attacks bec bec attacks +17

ArcaneDoor - New espionage-focused campaign found targeting perimeter network devices 1 week, 2 days ago | blog.talosintelligence.com

apt campaign campaigns devices +15

Suspected CoralRaider continues to expand victimology using three information stealers 1 week, 3 days ago | blog.talosintelligence.com

apt argument bypass command +17

What’s the deal with the massive backlog of vulnerabilities at the NVD? 2 weeks ago | blog.talosintelligence.com

backlog current deal management +10

Financial Crimes Compliance - Senior - Consulting - Location Open

@ EY | New York City, US, 10001-8604

View on infosec-jobs.com

Software Engineer - Cloud Security

@ Neo4j | Malmö

View on infosec-jobs.com

Security Consultant

@ LRQA | Singapore, Singapore, SG, 119963

View on infosec-jobs.com

Identity Governance Consultant

@ Allianz | Sydney, NSW, AU, 2000

View on infosec-jobs.com

Educator, Cybersecurity

@ Brain Station | Toronto

View on infosec-jobs.com

Principal Security Engineer

@ Hippocratic AI | Palo Alto

View on infosec-jobs.com