Hackers Use RedLine C2 Infrastructure to Target South Korean Maritime Industry
A single RedLine Stealer command-and-control (C2) indicator has revealed a focused spear-phishing campaign targeting the South Korean maritime industry, expo...
Articles mapped to MITRE ATT&CK techniques. Select a technique to view matching articles.
13 articles found
A single RedLine Stealer command-and-control (C2) indicator has revealed a focused spear-phishing campaign targeting the South Korean maritime industry, expo...
Kaspersky experts have uncovered a malicious network infrastructure for delivering AsyncRAT. The Trojan is dropped via compromised ScreenConnect software.
A security researcher, operating under the pseudonym "Srikanth L" and affiliated with CashlessConsumer, has alleged that the IDRBT's Domain Registration Port...
Malware on approximately 2,000 WordPress sites hid C2 instructions in Steam profile comments using invisible Unicode. GoDaddy researchers spotted a command-a...
CSC analysts identified over 65,590 domains with "FIFA" registered between January 2022 and April 2026, none of which were registered by FIFA itself.
Hackers are abusing two bulletproof hosting providers, GHOSTYNETWORKS and OMEGATECH, to run a global JavaScript (JS) malware infrastructure that powers large...
The Glassworm botnet targeting developers in software supply-chain attacks has been disrupted after researchers took down its resilient command-and-control i...
The two own Dutch companies that allegedly provided bulletproof hosting services to Russia-aligned threat actors. The post Admins of Bulletproof Hosting Serv...
Dutch authorities arrested two suspects after dismantling a bulletproof hosting network linked to cybercrime, disinfo, and Russian sanctions evasion.
Hackers are increasingly abusing Middle East telecommunications networks and hosting providers to operate large-scale command-and-control (C2) infrastructure...
Hunt.io mapped 1,350+ C2 servers across the Middle East, revealing how a small group of providers quietly supports major malware activity.
108 malicious Chrome extensions steal sessions, Google data, inject ads via single C2 infrastructure
Analysis of DPRK-linked LNK-based attacks using GitHub as covert C2 infrastructure, detailing multi-stage PowerShell execution, persistence mechanisms, and d...