Decrypt

Astaroth Banking Trojan Harnessing GitHub to Steal Crypto Credentials

The keylogging malware is capable of using GitHub to redirect itself to new servers whenever existing servers go offline.
CSO Online

Open-source DFIR Velociraptor was abused in expanding ransomware efforts

China-based threat actors abused outdated Velociraptor to maintain persistence and help deploy Warlock, LockBit, and Babuk ...

This obscure Microsoft Excel tool imports PDF data without mangling it

I don’t use Microsoft Excel all that often, so it remains a bit of a mystery to me. I can enter text and create graphs and that’s basically it. That’s why I’ve set myself a goal to learn one new Excel ...

Malicious crypto-stealing VSCode extensions resurface on OpenVSX

A threat actor called TigerJack is constantly targeting developers with malicious extensions published on Microsoft's Visual Code (VSCode) marketplace and OpenVSX registry to steal cryptocurrency and ...
The Register on MSN

Ransomware crims that exploited SharePoint 0-days add Velociraptor to their arsenal

And they’re likely still abusing the same SharePoint flaws for initial access The ransomware gang caught exploiting Microsoft ...