Tag: memory-only
-
Cloud Blog: Deception in Depth: PRC-Nexus Espionage Campaign Hijacks Web Traffic to Target Diplomats
Source URL: https://cloud.google.com/blog/topics/threat-intelligence/prc-nexus-espionage-targets-diplomats/ Source: Cloud Blog Title: Deception in Depth: PRC-Nexus Espionage Campaign Hijacks Web Traffic to Target Diplomats Feedly Summary: Written by: Patrick Whitsell In March 2025, Google Threat Intelligence Group (GTIG) identified a complex, multifaceted campaign attributed to the PRC-nexus threat actor UNC6384. The campaign targeted diplomats in Southeast Asia and other entities…
-
Cloud Blog: Mark Your Calendar: APT41 Innovative Tactics
Source URL: https://cloud.google.com/blog/topics/threat-intelligence/apt41-innovative-tactics/ Source: Cloud Blog Title: Mark Your Calendar: APT41 Innovative Tactics Feedly Summary: Written by: Patrick Whitsell Google Threat Intelligence Group’s (GTIG) mission is to protect Google’s billions of users and Google’s multitude of products and services. In late October 2024, GTIG discovered an exploited government website hosting malware being used to target…
-
Cloud Blog: Rightsize your Memorystore for Redis Clusters with open-source Autoscaler
Source URL: https://cloud.google.com/blog/products/databases/memorystore-cluster-autoscaler-now-on-github/ Source: Cloud Blog Title: Rightsize your Memorystore for Redis Clusters with open-source Autoscaler Feedly Summary: One of the most compelling aspects of cloud computing is being able to automatically scale resources up, but almost as importantly, to scale them back down to manage costs and performance. This is standard practice with virtual…
-
Cloud Blog: PEAKLIGHT: Decoding the Stealthy Memory-Only Malware
Source URL: https://cloud.google.com/blog/topics/threat-intelligence/peaklight-decoding-stealthy-memory-only-malware/ Source: Cloud Blog Title: PEAKLIGHT: Decoding the Stealthy Memory-Only Malware Feedly Summary: Written by: Aaron Lee, Praveeth DSouza TL;DR Mandiant identified a new memory-only dropper using a complex, multi-stage infection process. This memory-only dropper decrypts and executes a PowerShell-based downloader. This PowerShell-based downloader is being tracked as PEAKLIGHT. Overview Mandiant Managed Defense…