GLESEC’s

SKYWATCHSM ALERTS

Goot Camp Gootloader Operation
February 8, 2023

Downloading and opening the malicious ZIP archive launched a series of scripts that infected the system with malicious software, including a Cobalt Strike beacon.

Ukraine Government Sector Targeted With The DolphinCape Information Stealer
February 1, 2023

Opening the attachment resulted in VBScript code creating a scheduled task for persistence and a PowerShell script downloading the DolphinCape information stealer.

Multiple Malware Variants Distributed Through Microsoft OneNote
January 31, 2023

Multiple legitimate Microsoft Windows utilities were used to carry out the operation, including cmd, BITSAdmin, PowerShell, wscript, and curl.

The NoName057(16) Hacktivist Group Targets Ukraine Supporters With DDoS Attacks
January 19, 2023

Organizations affected included governments, media outlets, military, suppliers, telecommunication companies, transportation authorities, financial institutions, and many others.

Dridex Returns To Target MacOS With Updated Techniques
January 11, 2023

The initial file analyzed arrived as a Mach-O executable that performed discovery routines and wrote malicious code to files with a doc extension.
The malware continued the malicious activity by enabling macros and retrieving additional payloads from decrypted URLs.
