Cybersec Sentinel - Cybersec Sentinel (Page 4)

Cybersec Sentinel

Cybersec Sentinel: 30+ years of IT expertise, delivering clear, actionable cyber security insights.

FIN6 Skeleton Spider Escalates Enterprise Threats with More_eggs Campaigns

FIN6 Skeleton Spider Escalates Enterprise Threats with More_eggs Campaigns

Threat Group: Skeleton Spider (aka FIN6, Gold Franklin, ITG08, TAAL, Camouflage Tempest, ATK88, MageCart Group 6, TA4557, White Giant) Threat Type: Cybercrime Syndicate Exploited Vulnerabilities: Credential theft, social engineering, cloud abuse (AWS, GoDaddy), PoS exploitation (historical) Malware Used: More_eggs (MaaS by Golden Chickens/Venom Spider), historical: Trinity, FrameworkPOS, Ryuk,

BADBOX 2.0 Botnet Weaponizes Uncertified Devices for Proxies, Fraud, and Credential Theft

BADBOX 2.0 Botnet Weaponizes Uncertified Devices for Proxies, Fraud, and Credential Theft

Threat Group: SalesTracker Group, MoYu Group, Lemon Group, LongTV Threat Type: Android Malware Botnet Exploited Vulnerabilities: Supply chain compromises, malicious third-party apps, uncertified Android devices Malware Used: BB2DOOR (variant of Triada) Threat Score: 🔥 Critical (9.1/10) Last Threat Observation: June 7, 2025 Overview BADBOX 2.0 is a critical

Sandworm Launches Stealth Attack with PathWiper Malware Against Ukraine’s Critical Networks

Sandworm Launches Stealth Attack with PathWiper Malware Against Ukraine’s Critical Networks

Threat Group: Sandworm (APT44 / Seashell Blizzard / Iridium / Voodoo Bear) Threat Type: Wiper Malware Exploited Vulnerabilities: Abuse of legitimate endpoint administration frameworks (initial access suspected via phishing, credential harvesting, or exploitation of edge infrastructure) Malware Used: PathWiper Threat Score: 🔥 Critical (9.1/10) – Due to targeted data destruction across infrastructure, stealthy

Crocodilus Android Malware Emerges as Top-Tier Threat to Banking and Crypto Apps

Crocodilus Android Malware Emerges as Top-Tier Threat to Banking and Crypto Apps

Threat Group: Potentially linked to "sybra" Threat Type: Android Banking Trojan Exploited Vulnerabilities: Abuse of Android Accessibility Services, Android 13+ "Restricted Settings" bypass Malware Used: Crocodilus (variant: Pragma) Threat Score: 🔥 Critical (9.1/10) – Due to advanced obfuscation, bypass of Android protections, cryptocurrency seed collection, and

Acreed Infostealer Becomes Top Credential Theft Tool After Lumma Takedown

Acreed Infostealer Becomes Top Credential Theft Tool After Lumma Takedown

Threat Group: Unknown (Emerging actors on Russian Market) Threat Type: Infostealer Malware Exploited Vulnerabilities: Phishing, Malvertising, SEO Poisoning, ClickFix social engineering, AI-generated deception, DLL-SideLoading Malware Used: Acreed Infostealer Threat Score: 🔴 High (7.8/10) – Rapid adoption, advanced session token theft, and critical infrastructure targeting Last Threat Observation: June 4, 2025

EDDIESTEALER Infostealer Targets Windows Systems with Fake CAPTCHA Campaigns

EDDIESTEALER Infostealer Targets Windows Systems with Fake CAPTCHA Campaigns

Threat Group: Unknown Threat Type: Infostealer Malware Exploited Vulnerabilities: None (Relies on social engineering and fake CAPTCHA delivery) Malware Used: EDDIESTEALER Threat Score: 🔴 High (7.8/10) – Due to its novel Rust implementation, evasive delivery methods, and rapid credential exfiltration techniques. Last Threat Observation: May 30, 2025 Overview EDDIESTEALER is

Katz Stealer Malware Targets Browsers Wallets and Messaging Platforms

Katz Stealer Malware Targets Browsers Wallets and Messaging Platforms

Threat Group: Unknown (operates via MaaS model) Threat Type: Credential and information-stealing malware (Infostealer) Exploited Vulnerabilities: Chrome ABE Bypass, UAC Bypass via cmstp.exe, Process Hollowing via MSBuild.exe Malware Used: Katz Stealer Threat Score: 🔴 High (8.2/10) Last Observed Activity: May 278 2025 Overview This report delivers a

Detect IOCs with YARA on Ubuntu and Windows

Detect IOCs with YARA on Ubuntu and Windows

YARA is one of the most versatile and powerful tools in the arsenal of security engineers and malware analysts. Whether you're defending Windows fleets or Linux servers, mastering YARA means being able to rapidly scan, classify, and hunt down malicious files and patterns based on known indicators of

Threat Actor Azote Group Expands Nitrogen Ransomware Campaign Targeting IT and Finance

Threat Actor Azote Group Expands Nitrogen Ransomware Campaign Targeting IT and Finance

Threat Group: Azote Group / UNC4696 Threat Type: Ransomware (Double Extortion), Initial Access Broker Exploited Vulnerabilities: Malvertising, DLL Sideloading, Vulnerable Drivers, Social Engineering Malware Used: NitrogenLoader, NitrogenInstaller, NitrogenStager, Sliver, Cobalt Strike, BlackCat/ALPHV, KeeLoader Threat Score: 🔥 Critical (9.1/10) – Due to its modular, evasive attack chain, and confirmed links to

Skitnet Malware C2 via DNS and Rust Loader Threatens Enterprise Networks

Skitnet Malware C2 via DNS and Rust Loader Threatens Enterprise Networks

Threat Group: - LARVA-306 Threat Type: - Post-Exploitation Malware / Remote Access Trojan (RAT) Exploited Vulnerabilities: - Not tied to specific CVEs; deployed post-compromise Malware Used: - Skitnet (Bossnet) Threat Score: - 🔴 High (8.3/10) – Due to its DNS C2, Rust/Nim modular design, stealthy persistence, and ransomware group integration