Magecart gang hides PHP-based web shells in favicons

The Magecart cybercrime gang is using favicons to hide malicious PHP web shells, which are used to maintain remote access and inject JavaScript skimmers into online stores. Magecart hackers are distributing malicious PHP web shells hidden in website favicons to inject JavaScript e-skimmers into online stores and steal payment information. Researchers from Malwarebytes observed threat actors, likely Magecart …

Lucifer – A Powerful Penetration Tool For Automating Penetration Tasks Such As Local Privilege Escalation, Enumeration, Exfiltration And More…

Setup

    git clone https://github.com/Skiller9090/Lucifer.git
    cd Lucifer
    pip install -r requirements.txt
    python main.py --help

If you want the cutting-edge changes, add -b dev to the end of git clone https://github.com/Skiller9090/Lucifer.git

Commands

    Command   Description
    help      Displays This Menu
    name      Shows name of current shell
    id        Displays current shell's id
    show      Shows options or modules based on …

A taste of the latest release of QakBot

A taste of the latest release of QakBot, one of the most popular and most publicized banking trojans, active since 2007. The malware QakBot, also known as Qbot, Pinkslipbot, and Quakbot, is a banking trojan that has been making headlines since 2007. This piece of malware is focused on stealing banking credentials and victims' secrets …

Bait Boost: Phishers Delivering Increasingly Convincing Lures

An intense hunt for corporate account credentials will continue into next quarter, researchers predict. Innovative twists on banking scams and corporate-account hunters wielding increasingly clever lures, including those with COVID-19 vaccine promises, are likely to dominate the spam and phishing landscape throughout Q2 2021, according to researchers. And although no new wild trends have emerged, …

The UNC2529 Triple Double: A Trifecta Phishing Campaign

In December 2020, Mandiant observed a widespread, global phishing campaign targeting numerous organizations across an array of industries. Mandiant tracks this threat actor as UNC2529. Based on the considerable infrastructure employed, tailored phishing lures and the professionally coded sophistication of the malware, this threat actor appears experienced and well resourced. This blog post will discuss …