Peeling back Banana RAT. [Research Saturday]
CyberWire Daily20 Kesä

Peeling back Banana RAT. [Research Saturday]

This week, we are joined by Tom Kellermann, Trend Micro's VP of AI Security and Threat Research, discussing their work on "Inside SHADOW-WATER-063’s Banana RAT: From Build Server to Banking Fraud." Researchers from Trend Micro's MDR team uncovered the full operation behind Banana RAT, a sophisticated banking trojan they track as SHADOW-WATER-063, by analyzing both attacker infrastructure and infected victim systems. The malware uses fileless PowerShell execution, layered obfuscation, and remote-control capabilities to steal credentials, manipulate banking sessions, intercept Pix QR code payments, and facilitate financial fraud targeting Brazilian banks. The campaign appears to be operated by a Brazilian Portuguese-speaking cybercriminal group with ties to the broader Tetrade banking malware ecosystem and may be evolving toward a malware-as-a-service model. The research and executive brief can be found here: ⁠Inside SHADOW-WATER-063’s Banana RAT: From Build Server to Banking Fraud Learn more about your ad choices. Visit megaphone.fm/adchoices

Tämä jakso on lisätty Podme-palveluun avoimen RSS-syötteen kautta eikä se ole Podmen omaa tuotantoa. Siksi jakso saattaa sisältää mainontaa.

Jaksot(3668)

Navigating the GPS threat landscape, with Brandon Karpf. [T-Minus: Space-Cyber Briefing]

Navigating the GPS threat landscape, with Brandon Karpf. [T-Minus: Space-Cyber Briefing]

Traditionally, GPS jamming attacks have been confined to the ground; however, new data shows that these attacks could be moving to target signals before they even reach the ground. In this week’s epi...

21 Kesä 32min

Vulnerability response: Built for humans, outpaced by machines. [CyberWire-X]

Vulnerability response: Built for humans, outpaced by machines. [CyberWire-X]

For years, security teams had time between discovery and exploitation. Time to triage. Time to validate. Time to prioritize what to fix first. AI has compressed that window. Frontier models now discov...

21 Kesä 25min

CyberWire Daily at 10: A decade of leaks, espionage, and influence operations. [Special Edition]

CyberWire Daily at 10: A decade of leaks, espionage, and influence operations. [Special Edition]

In this special edition of CyberWire Daily’s 10th anniversary series, N2K CyberWire's Maria Varmazis and Dave Bittner discuss leaks, espionage and influence operations over the past 10 years. Togeth...

19 Kesä 26min

The botnet browser blues.

The botnet browser blues.

International law enforcement disrupts the SocGholish botnet. The UK’s cyber chief says cybersecurity is a contest, not a risk register. Ukraine joins the EU’s cyber reserve. The Gentlemen gang sharpe...

18 Kesä 25min

The nominee in limbo.

The nominee in limbo.

President Trump halts a key intelligence nomination. The FBI warns of a new Microsoft 365 phishing threat. France cuts ties with Palantir. A new Android banking trojan emerges. Fortinet firewalls come...

17 Kesä 31min

No Mythos of escape.

No Mythos of escape.

Emergency talks fail to free Anthropic’s Fable 5. Trump moves to strengthen national security systems. Microsoft patches a critical Copilot flaw. ShinyHunters weaponize a PeopleSoft zero-day. DragonFo...

16 Kesä 31min

The fable ends before it begins.

The fable ends before it begins.

Anthropic pulls Fable 5. OpenAI faces a multistate probe. Handala targets a California water utility. ShinyHunters claims another victim. The FBI and Google take down a major phishing platform. The la...

15 Kesä 29min

Suosittua kategoriassa Politiikka ja uutiset

uutiscast
aikalisa
politiikan-puskaradio
rss-podme-livebox
rss-ootsa-kuullut-tasta
rss-vaalirankkurit-podcast
ootsa-kuullut-tasta-2
otetaan-yhdet
tervo-halme
et-sa-noin-voi-sanoo-esittaa
rss-raha-talous-ja-politiikka
rss-kaikki-uusiksi
aihe
linda-maria
rss-polikulaari-pitka-kiekko-ja-muut-ts-podcastit
rss-asiastudio
rss-girls-finish-f1rst
rss-ulkopoditiikkaa
rss-diet-woke