all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

TA402 Group using Weaponized XLL and RAR Files to Deliver Malware

Add to bookmarks
Nov. 16, 2023, 5:22 a.m. | Eswar

GBHackers On Security gbhackers.com

Researchers have discovered a new phishing campaign that targets Middle Eastern and North African Government Entities to deliver a new initial access downloader termed “IronWind.” This downloader is followed by additional payload stages, which downloads a shellcode.  Most campaigns were using Dropbox links, which then evolved to using XLL and RAR file attachments to evade […]


The post TA402 Group using Weaponized XLL and RAR Files to Deliver Malware appeared first on GBHackers on Security | #1 Globally Trusted Cyber …

access campaign campaigns computer security deliver malware downloads dropbox entities files government initial access ironwind links malware north payload phishing phishing campaign rar rar files researchers shellcode ta402 xll

Visit resource

More from gbhackers.com / GBHackers On Security

Hackers Exploit Microsoft Graph API For C&C Communications an hour ago | gbhackers.com
amp analysts api called +28
ApacheMQ Authentication Flaw Let Unauthorized Users Perform Multiple Actions an hour ago | gbhackers.com
actions activemq apache apache activemq +20
68% of Data Breach Occurs Due to Social Engineering Attacks 2 hours ago | gbhackers.com
attacks breach breaches cyber +20
U.S. Govt Warns of Massive Social Engineering Attack from North Korean Hackers 5 hours ago | gbhackers.com
advanced advisory agency attack +31
Cisco IP Phone Vulnerability Let Attackers Trigger DoS Attack 7 hours ago | gbhackers.com
access attack attackers attacks +24
Threat Actors Renting Out Compromised Routers To Other Criminals 7 hours ago | gbhackers.com
anonymization apt apt group botnet +27
New “Goldoon” Botnet Hijacking D-Link Routers to Use for Other Attacks 8 hours ago | gbhackers.com
april attacks botnet control +23
LayerX Security Raises $24M for its Browser Security Platform, Enabling Employees to Work Securely From … 23 hours ago | gbhackers.com
browser browser security capital cyber security +24
GoldDigger Malware Using Deep Fake AI Photos To Hijack Bank Accounts 23 hours ago | gbhackers.com
access accounts artificial intelligence bank +30

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

Offensive Security Engineer

@ Ivanti | United States, Remote
View on infosec-jobs.com

Senior Security Engineer I

@ Samsara | Remote - US
View on infosec-jobs.com

Senior Principal Information System Security Engineer

@ Chameleon Consulting Group | Herndon, VA
View on infosec-jobs.com

Junior Detections Engineer

@ Kandji | San Francisco
View on infosec-jobs.com

Data Security Engineer/ Architect - Remote United States

@ Stanley Black & Decker | Towson MD USA - 701 E Joppa Rd Bg 700
View on infosec-jobs.com
View more jobs