CSOonline

Gootbot: A new post-exploitation implant for lateral movementsearch result poisoning campaigns

The creators of Gootloader, a malicious program commonly used to deploy ransomware and other malware threats on enterprise networks, have developed a new second-stage implant. Dubbed GootBot, the new ...
Bleeping Computer

New Specula tool uses Outlook for remote code execution in Windows

Microsoft Outlook can be turned into a C2 beacon to remotely execute code, as demonstrated by a new red team post-exploitation framework named "Specula," released today by cybersecurity firm ...
Hosted on MSN

Fog ransomware attacks use employee monitoring tool to break into business networks

Fog ransomware was seen using Syteca, a legitimate employee monitoring tool, to log keys and grab passwords It also used open-source tools for payload dropping and file exfiltration The attack was ...