Powershell - Cybersec Sentinel

Powershell

A collection of 2 posts

Evolving Techniques in Cloud Atlas Cyber Attacks

Evolving Techniques in Cloud Atlas Cyber Attacks

Threat Group: Cloud Atlas (also known as Inception) Threat Type: Advanced Persistent Threat (APT) Exploited Vulnerabilities: * CVE-2017-11882: Memory corruption in Microsoft Office. * CVE-2018-0802: Formula editor vulnerability in Microsoft Office exploited via malicious RTF files. Malware Used: * VBShower: Polymorphic VBS-based backdoor. * PowerShower: PowerShell-based malware for reconnaissance and lateral movement. * VBCloud: New

Ymir and RustyStealer Malware Duo Escalates Cyber Threat Landscape

Ymir and RustyStealer Malware Duo Escalates Cyber Threat Landscape

Threat Group: Unidentified Threat Actor Threat Type: Ransomware, Info-Stealer Exploited Vulnerabilities: Common file encryption mechanisms, credential theft techniques Malware Used: Ymir Ransomware, RustyStealer Threat Score: High (8.2/10) — Due to its dual-impact functionality that combines data theft with ransomware encryption. Last Threat Observation: November 10, 2024 Overview A newly