Welcome to our

Cyber Security News Aggregator

.

Cyber Tzar

provide a

cyber security risk management

platform; including automated penetration tests and risk assesments culminating in a "cyber risk score" out of 1,000, just like a credit score.

Malicious Python Script with a "Best Before" Date, (Thu, Jun 6th)

published on 2024-06-06 09:26:14 UTC by
Content:
When you buy some fresh food, it's always a good idea to keep an eye on the best-before date. I found a funny piece of malicious Python script that implements the same technique. It will execute only before a specified date (Jun 10th in this case). The script purpose is classic: it will fetch a payload from a remote site, inject it in memory and start a new thread. Such payload are usually related to CobaltStike. I think that the script is still being developed and the attacker tested its score on VT because the payload is fetched from an RFC1918 IP address.
Article: Malicious Python Script with a "Best Before" Date, (Thu, Jun 6th) - published 6 months ago.

https://isc.sans.edu/diary/rss/30988   
Published: 2024 06 06 09:26:14
Received: 2024 06 06 10:36:11
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Views: 0

Custom HTML Block

Click to Open Code Editor