About Me
Hi there! I'm excited to share a bit about myself with you. As a Security Researcher, I spend my days delving deep into the world of cyber security. I am a genuine tech enthusiast and always strive to find new avenues to enhance my skills and knowledge in the field. When I'm not immersed in the digital realm, you can find me pursuing one of my other passions, which is racing 🏎️. It's the perfect way to get an adrenaline rush and unwind after a long day of work.
Blogs
Taming the Storm: Understanding and Mitigating the Consequences of CVE-2023-27350
May 23, 2023
The world of cybersecurity is constantly evolving, with new threats emerging every day. One of the latest is the use of CVE-2023-27350 by threat actors to gain initial access to victim machines and servers. This vulnerability is found in the popular print management software PaperCut. In this blog post, we will explore how the threat actors behind the Cl0p, LockBit, and Truebot malware are exploiting this vulnerability, and the Osquery detections that help safeguard against the risks it poses to businesses and organizations.
IcedID Malware: Traversing Through its Various Incarnations
May 02, 2023
IcedID, the notorious malware, is actively involved in several delivery campaigns, demonstrating versatility and adaptability. The latest IcedID variants indicate the malware's continuous evolution and the need for robust cybersecurity measures.
From Innocence to Malice: The OneNote Malware Campaign Uncovered
Mar 30, 2023
OneNote has been highly cherished by Threat Actors (TAs) in recent months. Unfortunately, many malware distributors have taken notice and are now using OneNote to deliver malicious files to their victims. These actors attach malicious files to a page within OneNote and then share it with their targets as a .one file. The ONE file reaches its targets through phishing emails. Upon opening the attachment, the victim's computer is compromised.
Aurora: The Dark Dawn and its Menacing Effects
Mar 24, 2023
Aurora Stealer, a non-friendly program in your neighborhood, is developed in Golang. The malware was developed for threat actors to steal victims’ sensitive data. Since its initial release, there have been many adaptations to the malware. It started as a botnet with info-stealer capabilities, but it is currently a full-time info-stealer sold by the threat actor labelled Cheshire on Russian-speaking dark-net forums, as mentioned by cybersecurity firm Sekoia.