#powershellattack

New DeepLoad Malware Dropped in ClickFix Attacks ReliaQuest has observed an in-the-wild campaign distributing a new malware family called DeepLoad that steals credentials and intercepts browser interactions. The campaign uses the ClickFix technique to trick users into running a persistent PowerShell loader that compiles evasive DLLs, injects into LockAppHost.exe, and facilitates real-time cryptocurrency theft. #DeepLoad #ClickFix...

New DeepLoad malware uses ClickFix fake browser errors to deploy a persistent PowerShell loader that injects into LockAppHost.exe, stealing credentials and enabling real-time crypto theft. #DeepLoadMalware #PowerShellAttack #USA

Cato CTRL™ Threat Research: Vishing and Microsoft Teams Used to Deliver PhantomBackdoor Cato CTRL researchers observed a vishing-driven delivery that used Microsoft Teams helpdesk impersonation and screen sharing to coax a victim into executing staged PowerShell, which loaded an in-memory payload and established a WebSocket-based backdoor. Defenders are advised to treat collaboration tools as attack surfaces and apply controls such as ticket validation, restricting external Teams access, and PowerShell hardening. #PhantomBackdoor #MicrosoftTeams

Vishing attack leverages Microsoft Teams helpdesk impersonation and screen sharing to execute staged PowerShell, delivering an in-memory PhantomBackdoor via WebSocket. Collaboration tools seen as attack surfaces. #PhantomBackdoor #PowerShellAttack

Fake DocuSign Gitcode Sites Spread NetSupport RAT via Multi-Stage PowerShell Attack installed on the compromised computers read more about Fake DocuSign Gitcode Sites Spread NetSupport RAT via Multi-Stage PowerShell Attack

Fake DocuSign, Gitcode Sites Spread NetSupport RAT via Multi-Stage PowerShell Attack reconbee.com/fake-docusig...

#Docusign #gitcode #NetsupportRAT #powershellattack #cyberattack #cybersecurity #RAT