Product
Operation FlutterBridge: macOS Malvertising Campaign Spreads New FlutterShell Backdoor
3 rules 1 TTP 8 IOCsOperation FlutterBridge is a malvertising campaign targeting macOS users with the new FlutterShell backdoor, which uses malicious desktop applications for adware distribution and provides backdoor capabilities such as command execution and file system manipulation, with some variants using AI summarization for data exfiltration.
Gremlin Stealer Evolves with Advanced Obfuscation and Session Hijacking
2 rules 8 TTPs 1 IOCThe Gremlin stealer malware has evolved with advanced obfuscation techniques, crypto clipping, and session hijacking capabilities to steal sensitive information from compromised systems.
Expanding Detection Beyond Endpoints to Counter Evolving Threats
3 rules 6 TTPsThreat actors are rapidly exfiltrating data by exploiting blind spots created by an over-reliance on endpoint data, necessitating a comprehensive security approach that incorporates cloud, identity, and network telemetry for effective threat detection and response.