Cisco Talos researchers spot a stealthy new remote administration tool calling ROKRAT that targets Korean-language Microsoft Word alternative Hangul Word Processor.
A unique attack called DNSMessenger uses DNS queries to carry out malicious PowerShell commands on compromised computers.
Black market machine trading has gone beyond the sale of servers and now includes PCs located on corporate networks or that contain sensitive data.
CoreBot is new information-stealing malware in the wild with a modular design that could turn the credential-stealing malware into something much worse.
The dismantled AlientSpy remote access Trojan, the same malware found on the phone of dead Argentine prosecutor Alberto Nisman, has resurfaced with new crypto and a new name.
A cyberespionage campaign pulled off by pro-Syrian hackers against Assad opposition fighters used social engineering to steal military planning documents.
After taking a look at recent Korplug (PlugX) detections, we identified two larger scale campaigns employing this well-known Remote Access Trojan. This blog gives an overview of the first one
The post Korplug military targeted attacks: Afghanistan & Tajikistan appeared first on We Live Security.