Experimental News Clipping Site

Tag: evasion

  • Unit 42: Uncovering .NET Malware Obfuscated by Encryption and Virtualization

    by

    Kurt Seifried
    in

    Source URL: https://unit42.paloaltonetworks.com/?p=138493 Source: Unit 42 Title: Uncovering .NET Malware Obfuscated by Encryption and Virtualization Feedly Summary: Malware authors use AES encryption and code virtualization to evade sandbox static analysis. We explore how this facilitates spread of Agent Tesla, XWorm and more. The post Uncovering .NET Malware Obfuscated by Encryption and Virtualization appeared first on…

  • The Register: China’s Silver Fox spoofs medical imaging apps to hijack patients’ computers

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/02/25/silver_fox_medical_app_backdoor/ Source: The Register Title: China’s Silver Fox spoofs medical imaging apps to hijack patients’ computers Feedly Summary: Sly like a PRC cyberattack A Chinese government-backed group is spoofing legitimate medical software to hijack hospital patients’ computers, infecting them with backdoors, credential-swiping keyloggers, and cryptominers.… AI Summary and Description: Yes Summary: The text…

  • Unit 42: Auto-Color: An Emerging and Evasive Linux Backdoor

    by

    Kurt Seifried
    in

    Source URL: https://unit42.paloaltonetworks.com/?p=138356 Source: Unit 42 Title: Auto-Color: An Emerging and Evasive Linux Backdoor Feedly Summary: The new Linux malware named Auto-color uses advanced evasion tactics. Discovered by Unit 42, this article cover its installation, evasion features and more. The post Auto-Color: An Emerging and Evasive Linux Backdoor appeared first on Unit 42. AI Summary…

  • Cisco Talos Blog: Weathering the storm: In the midst of a Typhoon

    by

    Kurt Seifried
    in

    Source URL: https://blog.talosintelligence.com/salt-typhoon-analysis/ Source: Cisco Talos Blog Title: Weathering the storm: In the midst of a Typhoon Feedly Summary: Cisco Talos has been closely monitoring reports of widespread intrusion activity against several major U.S. telecommunications companies, by a threat actor dubbed Salt Typhoon. This blog highlights our observations on this campaign and identifies recommendations for…

  • Unit 42: Stately Taurus Activity in Southeast Asia Links to Bookworm Malware

    by

    Kurt Seifried
    in

    Source URL: https://unit42.paloaltonetworks.com/?p=138311 Source: Unit 42 Title: Stately Taurus Activity in Southeast Asia Links to Bookworm Malware Feedly Summary: Unit 42 details the just-discovered connection between threat group Stately Taurus (aka Mustang Panda) and the malware Bookworm, found during analysis of the group’s infrastructure. The post Stately Taurus Activity in Southeast Asia Links to Bookworm…

  • Hacker News: IRS using AI to make sure people aren’t playing the system (2023)

    by

    Kurt Seifried
    in

    Source URL: https://www.cbsnews.com/detroit/news/irs-using-artificial-intelligence-ai-taxes/ Source: Hacker News Title: IRS using AI to make sure people aren’t playing the system (2023) Feedly Summary: Comments AI Summary and Description: Yes Summary: The text discusses the Internal Revenue Service (IRS) utilizing an AI tool to monitor taxpayers in efforts to prevent tax evasion. While the implementation of AI in…

  • Slashdot: First OCR Spyware Breaches Both Apple and Google App Stores To Steal Crypto Wallet Phrases

    by

    Kurt Seifried
    in

    Source URL: https://it.slashdot.org/story/25/02/05/1826259/first-ocr-spyware-breaches-both-apple-and-google-app-stores-to-steal-crypto-wallet-phrases?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: First OCR Spyware Breaches Both Apple and Google App Stores To Steal Crypto Wallet Phrases Feedly Summary: AI Summary and Description: Yes **Summary:** Researchers from Kaspersky have identified new malware named “SparkCat” that exploits optical character recognition (OCR) technology to extract cryptocurrency wallet recovery phrases from users’ photo galleries…