all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Vice Society: A Tale of Victim Data Exfiltration via PowerShell, aka Stealing off the Land

Add to bookmarks
April 13, 2023, 1 p.m. | Ryan Chapman

Unit42 unit42.paloaltonetworks.com

The Vice Society ransomware gang exfiltrated victim network data using a custom Microsoft PowerShell script. We dissect how each function of it works.


The post Vice Society: A Tale of Victim Data Exfiltration via PowerShell, aka Stealing off the Land appeared first on Unit 42.

cortex xdr data data exfiltration exfiltration function microsoft network powershell powershell script powershell scripts ransomware ransomware gang script society stealing unit 42 vice society vice society ransomware victim

Visit resource

More from unit42.paloaltonetworks.com / Unit42

Threat Brief: Operation MidnightEclipse, Post-Exploitation Activity Related to CVE-2024-3400 3 weeks, 2 days ago | unit42.paloaltonetworks.com
campaign command command injection cve +13
Muddled Libra’s Evolution to the Cloud 3 weeks, 5 days ago | unit42.paloaltonetworks.com
amp applications att aws +17
It Was Not Me! Malware-Initiated Vulnerability Scanning Is on the Rise 3 weeks, 6 days ago | unit42.paloaltonetworks.com
advanced threat prevention advanced url filtering advanced wildfire attacks +14
Threat Brief: Vulnerability in XZ Utils Data Compression Library Impacting Multiple Linux Distributions (CVE-2024-3094) 1 month ago | unit42.paloaltonetworks.com
compression cortex xdr cortex xsiam cve +17
Exposing a New BOLA Vulnerability in Grafana 1 month, 1 week ago | unit42.paloaltonetworks.com
advanced url filtering api api attacks authorization +19
ASEAN Entities in the Spotlight: Chinese APT Group Targeting 1 month, 1 week ago | unit42.paloaltonetworks.com
actions advanced persistent threat advanced url filtering apac +20
Large-Scale StrelaStealer Campaign in Early 2024 1 month, 1 week ago | unit42.paloaltonetworks.com
advanced threat protection advanced wildfire campaign campaigns +16
Curious Serpens’ FalseFont Backdoor: Technical Analysis, Detection and Prevention 1 month, 2 weeks ago | unit42.paloaltonetworks.com
advanced threat prevention advanced url filtering advanced wildfire aerospace +25
Unit 42 Collaborative Research With Ukraine’s Cyber Agency To Uncover the Smoke Loader Backdoor 1 month, 2 weeks ago | unit42.paloaltonetworks.com
advanced threat prevention advanced url filtering advanced wildfire agency +21

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Security Analyst

@ Northwestern Memorial Healthcare | Chicago, IL, United States
View on infosec-jobs.com

GRC Analyst

@ Richemont | Shelton, CT, US
View on infosec-jobs.com

Security Specialist

@ Peraton | Government Site, MD, United States
View on infosec-jobs.com

Information Assurance Security Specialist (IASS)

@ OBXtek Inc. | United States
View on infosec-jobs.com

Cyber Security Technology Analyst

@ Airbus | Bengaluru (Airbus)
View on infosec-jobs.com

Vice President, Cyber Operations Engineer

@ BlackRock | LO9-London - Drapers Gardens
View on infosec-jobs.com
View more jobs