Bleeping Computer

Defending against malware persistence techniques with Wazuh

Malware persistence techniques enable attackers to maintain access to compromised endpoints despite system reboots, credential changes, or other disruptions. Common methods include altering ...
SecurityWeek

Legacy Windows Tool MSHTA Fuels Surge in Silent Malware Attacks

Attackers are increasingly abusing Microsoft’s legacy MSHTA utility to silently deliver malware, stealers, and persistent ...

Experts warn a key Microsoft legacy tool is still being abused to launch malware campaigns

MSHTA is being used for both simple and advanced threats, deploying loaders and infostealers.
CSO Online

Internet Explorer may be dead, but its ghost still runs malware

A legacy Windows scripting utility tied to Internet Explorer is still being used in modern malware campaigns, researchers say ...
SiliconANGLE

‘PyStoreRAT’ malware uses fake developer tools on GitHub to infect Windows systems

A new report out today from endpoint security firm Morphisec Inc. details a previously undocumented malware family dubbed “PyStoreRAT” that abuses trusted open-source platforms and Windows scripting ...
CSOonline

Russian APT abuses Windows Hyper-V for persistence and malware execution

Recently documented Curly COMrades group bypasses traditional host-based EDR solutions by spinning up VMs with deceptive names using Windows’ own bare-metal hypervisor. Cyberespionage groups are ...
AOL

Fake Windows update installs hidden malware

If you've ever clicked "Check for updates" and trusted what you saw, you're not alone. That's exactly what this latest scam is counting on. The page mimics official branding, includes a believable ...
Bleeping Computer

Chinese hackers target Linux with new WolfsBane malware

A new Linux backdoor called 'WolfsBane' has been discovered, believed to be a port of Windows malware used by the Chinese 'Gelsemium' hacking group. ESET security researchers who analyzed WolfsBane ...