Security Affairs

MARCH 30, 2023

The company started distributing digitally signed Trojanized installers to its customers “The trojanized 3CXDesktopApp is the first stage in a multi-stage attack chain that pulls ICO files appended with base64 data from Github and ultimately leads to a 3rd stage infostealer DLL still being analyzed as of the time of writing.”

File names 85

File names Manufacturing Libraries Cybersecurity 85

Security Affairs

OCTOBER 13, 2022

The Budworm cyber espionage group (aka APT27 , Bronze Union , Emissary Panda , Lucky Mouse , TG-3390 , and Red Phoenix) is behind a series attacks conducted over the past six months against a number of high-profile targets, including the government of a Middle Eastern country, a multinational electronics manufacturer, and a U.S.

File names 128

File names Financial Services Manufacturing Libraries 128

Security Affairs

OCTOBER 18, 2022

The Operation CuckooBees had been operating under the radar since at least 2019, threat actors conducted multiple attacks to steal intellectual property and other sensitive data from victims. The attacks detailed by Cybereason targeted technology and manufacturing companies primarily located in East Asia, Western Europe, and North America.

File names 109

File names Encryption Manufacturing Libraries 109

Security Affairs

JUNE 5, 2020

The particular chain of attack we discovered showed interesting technical patterns resembling other previous activities targeting the Italian manufacturing landscape, for this reason, we decided to dig deeper. The decoding function of the payloads is the same, despite the variable names. Technical Analysis. Figure 3: Extracted Macro.

Manufacturing 97

Manufacturing File names IT Libraries 97