Dark Reading

Exfiltrator-22: The Newest Post-Exploitation Toolkit Nipping at Cobalt Strike's Heels

The post-exploitation tools market has chalked up a newcomer with the emergence of Exfiltrator-22. An upstart alternative to Cobalt Strike, the Exfiltrator-22 framework-as-a-service (FaaS) tool set, ...
Bleeping Computer

Bumblebee malware adds post-exploitation tool for stealthy infections

A new version of the Bumblebee malware loader has been spotted in the wild, featuring a new infection chain that uses the PowerSploit framework for stealthy reflective injection of a DLL payload into ...
Bleeping Computer

New Exfiltrator-22 post-exploitation kit linked to LockBit ransomware

Threat actors are promoting a new 'Exfiltrator-22' post-exploitation framework designed to spread ransomware in corporate networks while evading detection. Threat analysts at CYFIRMA claim that this ...
Dark Reading

Warlock Ransomware Group Augments Post-Exploitation Activities

The Warlock ransomware group continues to exploit unpatched Microsoft SharePoint servers with a new focus on stealthier, more resilient post-exploitation activity, thanks to its use of a new bring ...
CSOonline

Gootbot: A new post-exploitation implant for lateral movementsearch result poisoning campaigns

The creators of Gootloader, a malicious program commonly used to deploy ransomware and other malware threats on enterprise networks, have developed a new second-stage implant. Dubbed GootBot, the new ...
Hosted on MSN

Fog ransomware attacks use employee monitoring tool to break into business networks

Fog ransomware was seen using Syteca, a legitimate employee monitoring tool, to log keys and grab passwords It also used open-source tools for payload dropping and file exfiltration The attack was ...