Common Information
Type | Value |
---|---|
Value | User Execution |
Category | Attack-Pattern |
Type | Mitre-Ics-Techniques |
Misp Type | Cluster |
Description | Adversaries may rely on a targeted organization’s user interaction for the execution of malicious code. User interaction may consist of installing applications, opening email attachments, or granting higher permissions to documents. Adversaries may embed malicious code or Visual Basic code into files such as Microsoft Word and Excel documents or software installers. Execution of this code requires that the user enable scripting or write access within the document. Embedded code may not always be noticeable to the user, especially in cases of trojanized software. |
Details | Published | Attributes | CTI | Title | ||
---|---|---|---|---|---|---|
Details | Website | 2024-08-29 | 34 | DNS Early Detection - Malicious Trojan Installers for WINSCP and PUTTY - Breaking the Kill Chain | Infoblox | ||
Details | Website | 2024-08-29 | 5 | Introducing: Manufacturing Sector Threat Landscape - ReliaQuest | ||
Details | Website | 2024-08-28 | 44 | BlackByte blends tried-and-true tradecraft with newly disclosed vulnerabilities to support ongoing attacks | ||
Details | Website | 2024-08-28 | 14 | Scammers Use ScreenConnect To Defraud SSA Beneficiaries - Cyble | ||
Details | Website | 2024-08-28 | 49 | Operation Oxidový: Sophisticated Malware Campaign Targets Czech Officials Using NATO-Themed Decoys - Blogs on Information Technology, Network & Cybersecurity | Seqrite | ||
Details | Website | 2024-08-21 | 13 | UAC-0020 (Vermin) Activity Detection: A New Phishing Attack Abusing the Topic of Prisoners of War at the Kursk Front and Using FIRMACHAGENT Malware - SOC Prime | ||
Details | Website | 2024-08-20 | 11 | RansomHub Ransomware – Everything You Need to Know | Red Piranha | ||
Details | Website | 2024-07-30 | 33 | Malicious Inauthentic Falcon Crash Reporter Installer Delivers Malware Named Ciro | ||
Details | Website | 2024-07-30 | 4 | Phishing targeting Polish SMBs continues via ModiLoader | ||
Details | Website | 2024-07-29 | 20 | Attackers (Crowd)Strike with Infostealer Malware - Perception Point | ||
Details | Website | 2024-07-25 | 24 | Malicious Inauthentic Falcon Crash Reporter Installer Distributed to German Entity | ||
Details | Website | 2024-07-24 | 29 | Malware Distributed Using Falcon Sensor Update Phishing Lure | CrowdStrike | ||
Details | Website | 2024-07-18 | 26 | HotPage: Story of a signed, vulnerable, ad-injecting driver | ||
Details | Website | 2024-07-15 | 42 | CVE-2024-38112: Void Banshee Targets Windows Users Through Zombie Internet Explorer in Zero-Day Attacks | ||
Details | Website | 2024-06-18 | 53 | ONNX Store: Phishing-as-a-Service Platform Targeting Financial Institution | ||
Details | Website | 2024-06-12 | 27 | Dipping into Danger: The WARMCOOKIE backdoor — Elastic Security Labs | ||
Details | Website | 2024-06-04 | 17 | Pulsedive Blog | Latrodectus Threat Research | ||
Details | Website | 2024-05-29 | 72 | Malware Analysis: Blind Eagle's North American Journey | ||
Details | Website | 2024-05-15 | 45 | To the Moon and back(doors): Lunar landing in diplomatic missions | ||
Details | Website | 2024-05-10 | 24 | In The Shadow Of Venus: Trinity Ransomware's Covert Ties - Cyble | ||
Details | Website | 2024-04-17 | 90 | Malvertising campaign targeting IT teams with MadMxShell | ||
Details | Website | 2024-04-11 | 94 | Cybercriminal Campaign Spreads Infostealers, Highlighting Risks to Web3 Gaming | Recorded Future | ||
Details | Website | 2024-04-04 | 67 | BlueDuck: an(other) Infostealer Coveting Digital Marketing Agencies’ Facebook Business Accounts | ||
Details | Website | 2024-03-27 | 65 | European diplomats targeted by SPIKEDWINE with WINELOADER | ||
Details | Website | 2024-03-20 | 18 | Rescoms rides waves of AceCryptor spam |