#peaklight — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #peaklight, aggregated by home.social.
-
Happy Wednesday everyone!
Today's #readoftheday is a tale of victims getting compromised when they tried to download pirated movies! Mandiant (part of Google Cloud) reports that it all started with a zip file whose title hinted that it would be a movie but really contained a malicious LNK (Microsoft Shortcut) file that executes a PowerShell downloader script, which leads to the #PEAKLIGHT malware, another PowerShell-based downloader.
Interestingly, one of the variations uses an executable named Setup.exe which appears to be masquerading as a legitimate application, which is a common technique that is used by threat actors to gain trust from their victims!
As always, enjoy the rest of the article, I hope you have time to read it for yourself, and stay tuned for your Threat Hunting Tip of the Day!
PEAKLIGHT: Decoding the Stealthy Memory-Only Malware
https://cloud.google.com/blog/topics/threat-intelligence/peaklight-decoding-stealthy-memory-only-malware/
Cyborg Security Intel 471 #CyberSecurity #ThreatIntel #ThreatHunting #ThreatDetection #HappyHunting
-
Evasive Memory-Only Malware PEAKLIGHT Uses Pirated Movies To Deliver Payloads https://thecyberexpress.com/memory-only-malware-peaklight-pirated-movies/ #TheCyberExpressNews #CybersecurityNews #TheCyberExpress #FirewallDaily #PiratedMovies #MemoryOnly #PowerShell #PEAKLIGHT #Payloads #malware
-
Not to flex, but my team released a report on a loader a few days before Mandiant released their own! :p
Both articles for reference!
https://www.orangecyberdefense.com/global/blog/cert-news/emmenhtal-a-little-known-loader-distributing-commodity-infostealers-worldwide
https://cloud.google.com/blog/topics/threat-intelligence/peaklight-decoding-stealthy-memory-only-malware/?hl=en