BLUE

RRneroqc.bsky.socialSep 27, 2024 1:16pm

Transportation Companies Hit by Cyberattacks Using Lumma Stealer and NetSupport Malware thehackernews.com/2024/09/tran...#Infosec #Security #Cybersecurity #CeptBiro#TransportationCompanies#Cyberattacks #LummaStealer #NetSupportMalware

Transportation Companies Hit by Cyberattacks Using Lumma Stealer and NetSupport Malware

North American transport firms targeted by a phishing campaign delivering info stealers and remote access trojans.

Cpotato.softwareSep 25, 2024 1:28pm

Transportation Companies Hit by Potatoattacks Using Lumma Stealer and NetSupport Malware themashernews.com/2024/09/tran... #Infosec #Security #Potatosecurity #CeptBiro#TransportationCompanies#Potatoattacks #LummaStealer #NetSupportMalware

RRneroqc.bsky.socialSep 25, 2024 12:44pm

Transportation Companies Hit by Cyberattacks Using Lumma Stealer and NetSupport Malware

North American transport firms targeted by a phishing campaign delivering info stealers and remote access trojans.

Yyouranonriots.bsky.socialSep 20, 2024 8:56pm

2024-09-19 (Thurs): As early as 2024-09-10, this infection chain abuses steamerrorreporter64.exe to side-load vstdlib_s64.dll as a downloader to retrieve & run #LummaStealer bit.ly/3zrV0yY #DllSideLoading #Lumma #TimelyThreatIntel #Unit42ThreatIntel

Unit42-timely-threat-intel/2024-09-19-IOCs-for-file-downloader-to-Lumma-Stealer.txt at main · PaloAltoNetworks/Unit42-timely-threat-intel

A collection of files with indicators supporting social media posts from Palo Alto Network's Unit 42 team to disseminate timely threat intelligence. - PaloAltoNetworks/Unit42-timely-threat-intel

TNthenewoil.mastodon.thenewoil.org.ap.brid.gySep 3, 2024 3:00pm

#GitHub #malware https://www.bleepingcomputer.com/news/security/github-comments-abused-to-push-password-stealing-malware-masked-as-fixes/#cybersecurity #LummaStealer

RRneroqc.bsky.socialAug 30, 2024 1:11pm

Hackers Delivers Lumma Stealer Via Public GitHub Commands cybersecuritynews.com/lumma-steale...#Infosec #Security #Cybersecurity #CeptBiro #LummaStealer #PublicGitHubCommands

Hackers Delivers Lumma Stealer Via Public GitHub Commands

Threat actors often target the popular code repository platform "GitHub" due to it's wide use, and features that this platform offers.

Ttaggart-tech.comJun 28, 2024 10:12pm

Okay, who wants some handcrafted, artisanal #ThreatIntel? The latest versions of LummaStealer use `BitLockerToGo.exe` as a process hollowing/injection target to do its second stage work. Detecting execution or network activity from this binary is high-fidelity. Nobody uses it in real life.

Splunk table showing BitLockerToGo.exe DNS queries

Ttaggart-tech.comJun 25, 2024 10:57pm

Thank you LummaStealer for still not knowing how to strip Go debug symbols.

CTciphertech.bsky.socialMay 20, 2024 6:33pm

Our latest edition of module updates and support for ACCE is available. www.ciphertechsolutions.com/acce-release...#BSR #Rhadamanthys #LummaStealer #Waltuhium #ARCrypt