GLESEC’s

SKYWATCHSM ALERTS

FIN8 Uses Revamped Sardonic Backdoor to Deliver Noberus Ransomware
July 20, 2023

Symantec's Threat Hunter Team recently observed the Syssphinx (aka FIN8) cyber-crime group deploying a variant of the Sardonic backdoor to deliver the Noberus ransomware.

Google Firebase Hosting Abused To Deliver Sorillus RAT
July 19, 2023

Adversaries were found abusing Google's Firebase Hosting service to deliver the legitimate Sorillus remote administration tool.

Attackers Exploit (CVE-2023-36884) Unpatched Windows Zero-Day Vulnerability
July 13, 2023

A zero-day vulnerability (CVE-2023-36884) affecting Microsoft Windows and Office products is being exploited by attackers in the wild. To date, the exploit has been used in highly targeted attacks against organizations in the government and defense sectors in Europe and North America.

Unleashing WhiteSnake Stealer
July 12, 2023

WhiteSnake Stealer was discovered in early 2022 and can collect data from browsers, email clients, messaging apps, and crypto wallets.

The suspected Maha grass organization uses the WarHawk backdoor variant Spyder to spy on many countries
July 5, 2023

Maha Grass is also known as Patchwork, White Elephant, Hangover, Dropping Elephant, etc. Its Qi Anxin internal tracking number is APT-Q-36.
