An unknown threat cluster, Green Nailao, has been actively targeting European organizations, particularly in the healthcare sector, between June and October 2024. Tracked by Orange Cyberdefense CERT, this campaign exploited CVE-2024-24919 on vulnerable Check Point Security Gateways to deploy ShadowPad and PlugX, two implants linked to China-nexus cyber intrusions. Our reverse-engineering team uncovered a highly obfuscated ShadowPad variant using Windows services and registry keys for persiste...| www.orangecyberdefense.com
A stealthy MaaS infostealer exfiltrating browser, crypto, and system data, Katz Stealer is enabling full campaign control for threat actors.| SentinelOne
Lumma Stealer is an advanced information-stealing malware targeting cryptocurrency wallets and browser data. Learn how it evades detection, spreads through cracked software and social media, and how to protect your systems.| Gridinsoft LLC
ITOCHU Cyber & Intelligence Inc. (abbr.: ICI) routinely observes a large volume of spam emails to identify new attack tactics and the early stages of mass-at…| Researcher Blog - ITOCHU Cyber & Intelligence Inc.