#
Hashtag
#XenoRAT

"DPRK-Related Campaigns with LNK and GitHub C2" published by Fortinet. #LNK, #XenoRAT, #DPRK, #CTI www.fortinet.com/blog/threat-research/dpr...


"Disrupting malicious uses of AI: October 2025" published by OpenAI. #XenoRAT, #Phishing, #Trend, #DPRK, #CTI openai.com/global-affairs/disruptin...

@netresec

Detecting #XenoRAT C2 connections using example traffic from known malware sample.
🔥 e0b465d3bd1ec5e95aee016951d55640
🔥 5ab23ac79ede02166d6f5013d89738f9
📡 Huy1612-24727.portmap[.]io:24727
📡 193.161.193.99:24727
📡 147.185.221.30:54661
https://netresec.com/?b=258f641

Define Protocol from Traffic (XenoRAT) This video shows how to define a protocol in CapLoader just by providing examples of what the protocol looks like. CapLoader can then identify that protocol in other traffic, regardless of IP address ...

Video: Detecting #XenoRAT C2 connections using example traffic from known malware sample.
🔥 e0b465d3bd1ec5e95aee016951d55640
🔥 5ab23ac79ede02166d6f5013d89738f9
📡 Huy1612-24727.portmap[.]io:24727
📡 193.161.193.99:24727
📡 147.185.221.30:54661
netresec.com?b=258f641


XenoRAT campaign hits embassies in South Korea: sophisticated spearphishing, GitHub as C2, and possible links between the DPRK and China.

#apt43 #comandoecontrollo(C2) #CoreadelNord #github #Trellix #XenoRAT
www.matricedigitale.it/2025/08/19/k...


"The Coordinated Embassy Hunt: Unmasking the DPRK-linked GitHub C2 Espionage Campaign" published by Trellix. #Kimsuky, #LNK, #Phishing, #XenoRAT, #DPRK, #CTI www.trellix.com/blogs/research/dprk-link...


"Analysis of Kimsuky's Latest Domestic Attack Cases Abusing GitHub as Attack Infrastructure" published by ENKI. #Kimsuky, #XenoRAT, #DPRK, #CTI www.enki.co.kr/media-center/blog/dissec...


XenoRAT Hidden in Excel Files! 🛑

Hackers are deploying XenoRAT via Excel XLL files disguised as "Payment Details," bypassing security measures. With advanced obfuscation, this malware steals data while evading detection.

#cybersecurity #malware #xenorat #datasecurity #xxl


#ANYRUN tracked a new #XenoRAT #stego campaign using images with Base64-encoded MZ files.
⚠️ Campaign changes:
⚙️ Switched from uploaddeimagens[.]com[.]br to wallpapercave[.]com
⚙️ Anti-VM, .lnk startup launch, VBS script execution.
thn.news/BbqF9eSL
