Guest Joe Slowik joins us from DomainTools to discuss his team's research "COVID-19 Phishing With a Side of Cobalt Strike." Multiple adversaries, from criminal groups to state-directed entities, engaged in malicious cyber activity using COVID-19 pandemic themes since March 2020. Adversaries continue to leverage the pandemic, arguably the most significant issue globally as of this writing, in various ways.

Guest Asheer Malhotra, Threat Researcher of Cisco Talos Intelligence Group, joins Dave to discuss his team's research "InSideCopy: How this APT continues to evolve its arsenal." Cisco Talos has observed an expansion in the activity of SideCopy malware campaigns, targeting entities in India. In the past, the attackers have used malicious LNK files and documents to distribute their staple C#-based RAT. We are calling this malware "CetaRAT." SideCopy also relies heavily on the use of Allakore RAT, a publicly available Delphi-based RAT. Recent activity from the group, however, signals a boost in their development operations. Talos has discovered multiple new RAT families and plugins currently used in SideCopy infection chains. Targeting tactics and themes observed in SideCopy campaigns indicate a high degree of similarity to the Transparent Tribe APT (aka APT36) also targeting India. These include using decoys posing as operational documents belonging to the military and think tanks and ho…