Tag

Ta558

All articles tagged with #ta558

cybersecurity1 year ago•2 min saved

"Global Enterprises Hit by Steganography Malware Attacks"

The threat actor TA558 has been using steganography to deliver various malware including Agent Tesla, FormBook, Remcos RAT, and others, with a campaign codenamed SteganoAmor. They have targeted sectors in Latin American countries and other regions, while also deploying Venom RAT via phishing attacks in several countries. The group has been observed using compromised SMTP servers and infected FTP servers to stage attacks and steal data. Additionally, another hacking group, Lazy Koala, has been targeting government organizations with a malware called LazyStealer, potentially linked to the group YoroTrooper. This activity is part of a broader trend of social engineering campaigns to spread malware.

via The Hacker News|

#cybersecurity #malware-attacks #phishing

cybersecurity1 year ago•2 min saved

"Global Organizations Targeted by New SteganoAmor Steganography Attacks"

The TA558 hacking group has launched a new campaign called "SteganoAmor," utilizing steganography to conceal malicious code inside images and target over 320 organizations globally. The attacks begin with emails containing document attachments that exploit a Microsoft Office vulnerability, leading to the download of various malware tools. The group's use of steganography makes detection challenging, and the attacks have affected multiple sectors and countries. Updating Microsoft Office to a more recent version can effectively defend against these attacks, and a list of indicators of compromise (IoCs) is available for reference.

via BleepingComputer|

#cybersecurity #malware #steganoamor