Windows - Cybersec Sentinel (Page 3)

Windows

A collection of 23 posts

GHOSTPULSE Infiltration via MSIX Application Packages

GHOSTPULSE Infiltration via MSIX Application Packages

Threat Group: Unknown Threat Type: Multi-stage Malware Loader Exploited Vulnerabilities: DLL Side-loading, Module Stomping, Process Doppelgänging Malware Used: GHOSTPULSE Threat Score: High (8.5/10) — Due to advanced evasion techniques and targeting of commonly used software through deceptive MSIX packages. Last Threat Observation: October 30, 2024 Overview GHOSTPULSE is a

Espionage and Influence Meet Malware in UNC5812's Campaign Against Ukraine

Espionage and Influence Meet Malware in UNC5812's Campaign Against Ukraine

Threat Group: UNC5812 Threat Type: Hybrid Espionage and Influence Operation Exploited Vulnerabilities: Android and Windows vulnerabilities, including CVE-2024-47575 Malware Used: SUNSPINNER, PURESTEALER, CRAXSRAT, Pronsis Loader Threat Score: High (8.5/10) — due to multifaceted espionage and influence tactics targeting military sectors. Last Threat Observation: October 29, 2024 Overview UNC5812, a

ValleyRAT Malware Exploits Privilege Escalation and Evasion in Targeted Attacks

ValleyRAT Malware Exploits Privilege Escalation and Evasion in Targeted Attacks

Threat Group: Silver Fox (suspected) Threat Type: Remote Access Trojan (RAT) Exploited Vulnerabilities: Privilege abuse through COM interfaces (CMSTPLUA, fodhelper.exe), Scheduled Task creation, Registry Run Keys manipulation Malware Used: ValleyRAT Threat Score: High (8.5/10) — Due to advanced evasion, multi-stage infection, and targeted campaign scope within China Last