Fake Windows update pushes malware in new ClickFix attack

The ClickFix campaign disguises malware as legitimate Windows updates, using steganography to hide shellcode in PNG files and ...
WeLiveSecurity

LongNosedGoblin tries to sniff out governmental affairs in Southeast Asia and Japan

ESET researchers discovered a China-aligned APT group, LongNosedGoblin, which uses Group Policy to deploy cyberespionage ...
The Hacker News

Four Threat Clusters Using CastleLoader as GrayBravo Expands Its Malware Service Infrastructure

GrayBravo drives four CastleLoader threat clusters using phishing, malvertising, and Booking-themed lures across multiple ...
Infosecurity Magazine

ClickFix Social Engineering Sparks Rise of CastleLoader Attacks

A new malware campaign has been identified using a Python-based delivery system to deploy CastleLoader malware ...
The Hacker News

NANOREMOTE Malware Uses Google Drive API for Hidden Control on Windows Systems

Written in C++, NANOREMOTE is equipped to perform reconnaissance, execute files and commands, and transfer files to and from ...
GitHub

Cobalt Strike Shellcode Generator

The generator will use your client host's default "python" command to launch the RC4/AES encryption script Your client host needs to be able to execute native .NET framework assemblies for the RC4/AES ...
GitHub

Penetration Testing with Shellcode

Security has always been a major concern for your application, your system, or your environment. This book's main goal is to build your skills for low-level security exploits, finding vulnerabilities ...
Microsoft

Submit a file for malware analysis

Microsoft security researchers analyze suspicious files to determine if they are threats, unwanted applications, or normal files. Submit files you think are malware or files that you believe have been ...