Gootloader now uses 1,000-part ZIP archives for stealthy delivery

The Gootloader malware, typically used for initial access, is now using a malformed ZIP archive designed to evade detection ...
IEEE

MalCAFF: A Cross Attention-Based Feature Fusion Framework for Malware Classification

Abstract: Malware detection faces growing challenges due to sophisticated obfuscation techniques that undermine the robustness of single-modal approaches relying solely on static code analysis or ...
The Hacker News

Mustang Panda Uses Signed Kernel-Mode Rootkit to Load TONESHELL Backdoor

The Chinese hacking group known as Mustang Panda (aka HoneyMyte) has leveraged a previously undocumented kernel-mode rootkit driver to deliver a new variant of backdoor dubbed TONESHELL in a cyber ...
IEEE

Evasion of Deep Learning Malware Detection via Adversarial Selective Obfuscation

Abstract: In this work, we present a novel approach for generating adversarial attacks on malware classification systems that rely on image-based representations of binary executables. Our method ...
Dark Reading

Uzbek Users Under Attack by Android SMS-Stealers

Users in Uzbekistan are being targeted by Android SMS stealer malware, and it's a practice that's been going on for quite some time. That's according to research coming from cybersecurity vendor Group ...
thecyberexpress

Sophisticated Attack Campaign Exposes Loader Used by Multiple Threat Actors

Cyble researchers have identified a sophisticated attack campaign that uses obfuscation, a unique User Account Control (UAC) bypass and other stealthy techniques to deliver a unified commodity loader ...
GitHub

ZYPE: Your Payload Encryptor

In the following example, I will use MSFvenom to generate a Windows shellcode to execute calc.exe and use ZYPE to do the IPv6 obfuscation. Let's first generate the shellcode. This will generate the ...