Threat Report SHOE RACK A post-exploitation tool for remote shell access & TCP tunnelling through a victim device Threat Overview SHOE RACK is sophisticated malware developed in Go 1.18, designed for post-exploitation activities. It connects
Month: June 2025
Black Hat SEO Poisoning Search Engine Results For AI to Distribute Malware
Threat Overview The Security Operations Center (SOC) has identified a significant cyber threat through a recent report published by CyberHunter_NL on June 25, 2025. The report, titled 'Black Hat SEO Poisoning Search Engine Results For AI
Threat Actors Abuse Signed ConnectWise Application as Malware Builder
Threat Overview Since March 2025, there has been a significant increase in infections involving validly signed ConnectWise samples. Threat actors are exploiting ConnectWise's Authenticode stuffing practices to create and distribute their own signed malware. This sophisticated attack
Graphite Caught: First Forensic Confirmation of Paragon’s iOS Mercenary Spyware Finds Journalists Targeted
Threat Overview The Security Operations Center (SOC) has recently identified a new threat report published by CyberHunter_NL on June 20, 2025. The report, titled 'Graphite Caught: First Forensic Confirmation of Paragon’s iOS Mercenary Spyware Finds Journalists
GrayAlpha Unmasked: New FIN7-Linked Infrastructure, PowerNet Loader, and Fake Update Attacks
Threat Overview The Security Operations Center (SOC) has received a new threat report from CyberHunter_NL published on June 20, 2025. The report, titled GrayAlpha Unmasked: New FIN7-Linked Infrastructure, PowerNet Loader, and Fake Update Attacks, provides detailed
Threat actor Banana Squad exploits GitHub repos in new campaign
Threat Overview The Security Operations Center (SOC) has identified a critical threat report published by AlienVault on June 19, 2025. The report, titled Threat actor Banana Squad exploits GitHub repos in new campaign, reveals a sophisticated
Warning Against Distribution of Malware Disguised as Research Papers
Threat Overview A recent threat report published by AlienVault on June 18, 2025, highlights a sophisticated phishing campaign orchestrated by the Kimsuky group. This campaign targets individuals through deceptive emails disguised as requests for paper reviews
Fileless AsyncRAT Distributed Via Clickfix Technique Targeting German Speaking Users
Threat Report Overview The cybersecurity landscape continues to evolve, with threat actors constantly developing new tactics, techniques, and procedures (TTPs) to evade detection and maximize their impact. In June 2025, a significant threat report was published
JS Fire Truck Exploring Malicious JavaScript Using JSF*ck as an Obfuscation Technique
Threat Report: JS Fire Truck Exploring Malicious JavaScript Using JSF*ck as an Obfuscation Technique Security Operation Center Threat Report Published by CyberHunter_NL on June 13, 2025 Confidence Level: 100% | Reliability: Completely reliable Executive Summary A
Fog Ransomware Unusual Toolset Used in Recent Attack
Threat Overview The security landscape is constantly evolving, with new threats emerging regularly. A recent threat report published by AlienVault on June 12, 2025, sheds light on a sophisticated ransomware attack that targeted an Asian financial