In this blog, we highlight four tools representing a unique infection chain utilized by NOBELIUM: EnvyScout, BoomBox, NativeZone, and VaporRage. These tools have been observed being used in the wild as early as February 2021 attempting to gain a foothold on a variety of sensitive diplomatic and government entities.| Microsoft Security Blog
Microsoft Threat Intelligence Center (MSTIC) has uncovered a wide-scale malicious email campaign operated by NOBELIUM, the threat actor behind the attacks against SolarWinds, the SUNBURST backdoor, TEARDROP malware, GoldMax malware, and other related components. The campaign, initially observed and tracked by Microsoft since January 2021, evolved over a series of waves demonstrating significant experimentation.| Microsoft Security Blog
Mimikatz is an open-source application that exploits Windows vulnerabilities to get passwords of its host system and all present computers in the local area network.| Gridinsoft LLC
The latest activities of a Chinese threat actor using PlugX malware, targeting foreign and domestic policy entities and embassies in Europe.| Gridinsoft Blogs
Cobalt Strike is an extensive kit for malware delivery and control, initially designed as a tool for red team penetration testers. Hackers acquired it as well, appreciating its extensive potential.| Gridinsoft LLC
A backdoor is a covert method that allows unauthorized remote access to a system or device. Cybercriminals use backdoors to maintain persistent access, steal data, deploy additional malware, and control compromised systems. This comprehensive guide explains backdoor types, real-world examples, detection challenges, and essential prevention strategies.| Gridinsoft LLC
Spyware is basically sneaky software that's meant to sneak into your computer, snatch up info about you, and then send it off to someone else without you giving the green light. On one hand, it can also be used to talk about legit software that keeps an eye on your data for things like advertising. But when we say "malicious spyware" we're talking about the bad guys using it to make a buck off swiping your personal info.| Gridinsoft LLC
Phishing is a kind of attack that tricks you into sharing login/password, credit card, and other sensitive information by posing as a trusted institution or private person in an email or on-site.| Gridinsoft LLC