North Korea-linked Lazarus APT Group is using a stealthy memory-only RAT that leaves almost no forensic traces behind. North Korea-linked APT group Lazarus has never been shy about its ambitions, the threat actor has been tied to some of the most audacious financial heists in recent memory, draining hundreds of millions from cryptocurrency exchanges and…
Tag: stealthy
AI, Cybersecurity, Data Breaches, Endpoint, Europe, Global Security News, Government & Policy, malware, Network Security, Russia
Russian APT Turla builds long-term access tool with Kazuar Botnet evolution
Russia-linked APT group Turla turned its Kazuar malware into a stealthy P2P botnet for long-term access to compromised systems. Russia-linked APT group Turla upgraded its Kazuar backdoor into a modular peer-to-peer botnet designed for stealth and persistent access to infected systems. Microsoft researchers say the malware allows attackers to maintain long-term control while making detection…
Global Security News
After Replacing TeamPCP Malware, ‘PCPJack’ Steals Cloud Secrets
PCPJack makes innovative use of parquet files for stealthy, pre-validated target discovery as it canvasses multiple cloud environments.
AI, Global Security News, malware, Network Security, Russia
New malware turns Linux systems into P2P attack networks
Attackers have found a new way to turn Linux systems into stealthy supply chain distribution hubs that are resistant to takedowns. Researchers from Trend Micro have disclosed a new malware framework, dubbed Quasar Linux or QLNX, describing it as a modular Linux remote access trojan (RAT). But what sets the campaign apart is the malware…
AI, Cybersecurity, Global Security News
New Python Backdoor Uses Tunneling Service to Steal Browser and Cloud Credentials
Cybersecurity researchers have disclosed details of a stealthy Python-based backdoor framework called DEEP#DOOR that comes with capabilities to establish persistent access and harvest a wide range of sensitive information from compromised hosts. “The intrusion chain begins with execution of a batch script (‘install_obf.bat’) that disables Windows security controls, dynamically extracts an
AI, Exploits, Global Security News, malware, Network Security
Masjesu botnet targets IoT devices while evading high-profile networks
Masjesu is a stealthy DDoS-for-hire botnet targeting IoT devices, active since 2023 and designed to stay hidden by avoiding high-profile networks. Masjesu is a stealthy botnet active since 2023, advertised as a DDoS-for-hire service. It targets IoT devices like routers and gateways, spanning multiple architectures. Designed for persistence, it executes carefully, avoiding high-profile IP ranges…
AI, Data Breaches, Europe, Exploits, Global Security News, Government & Policy, malware, Network Security, Risk Management, Russia
Russia-linked APT28 uses PRISMEX to infiltrate Ukraine and allied infrastructure with advanced tactics
APT28 targets Ukraine and allies with PRISMEX malware, using stealthy techniques for espionage and command-and-control. Russia-linked group APT28 (aka UAC-0001, aka Fancy Bear, Pawn Storm, Sofacy Group, Sednit, BlueDelta, and STRONTIUM) is running a spear-phishing campaign against Ukraine and its allies, deploying a new malware suite called PRISMEX. Active since September 2025, the campaign uses advanced stealth techniques like steganography and…
AI, Cybersecurity, Global Security News
Masjesu Botnet Emerges as DDoS-for-Hire Service Targeting Global IoT Devices
Cybersecurity researchers have lifted the curtain on a stealthy botnet that’s designed for distributed denial-of-service (DDoS) attacks. Called Masjesu, the botnet has been advertised via Telegram as a DDoS-for-hire service since it first surfaced in 2023. It’s capable of targeting a wide range of IoT devices, such as routers and gateways, spanning multiple architectures. “Built for
AI, Apps, china, Exploits, Global Security News, Government & Policy, malware, Network Security
China-linked Red Menshen APT deploys stealthy BPFDoor implants in telecom networks
China-linked Red Menshen APT group used stealthy BPFDoor implants in telecom networks to spy on government targets. Rapid7 Labs uncovered a China-linked threat group known as Red Menshen has been running a long-term espionage campaign by infiltrating telecom networks, mainly in the Middle East and Asia. Active since at least 2021, the group uses highly…
AI, Global Security News
Copyright Lures Mask a Multi‑Stage PureLog Stealer Attack on Key Industries
We investigated a stealthy multi‑stage attack campaign that delivers PureLog Stealer entirely in memory using encrypted, fileless techniques.
AI, Global Security News, malware
Microsoft warns of RAT delivered through trojanized gaming utilities
Attackers spread trojanized gaming tools to deliver a stealthy RAT using PowerShell, LOLBins, and Defender evasion tactics. Threat actors are tricking users into running trojanized gaming utilities shared through browsers and chat platforms to deploy a remote access trojan. “Microsoft Defender researchers uncovered a campaign that lured users into running trojanized gaming utilities (Xeno.exe or…
AI, APAC, Apps, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, Network Security
Ransomware groups switch to stealthy attacks and long-term access
Ransomware attackers are switching tactics in favor of more stealthy infiltration, as the threat of public exposure of sensitive corporate data is becoming the main mechanism of extortion. Picus Security’s annual red-teaming report shows attackers shifting away from loud disruption toward quiet, long-term access — or from “predatory” smash-and-grab tactics to “parasitic” silent residency. Four…