Read all Blogs from this Author
CloudSEK uncovered a surge in Iran-linked cyberattacks targeting Israel and its allies. Groups like APT42, APT34, MuddyWater, and hacktivist Handala are conducting espionage, data theft, and DDoS attacks. These actors use phishing, credential theft, and stealthy tools to infiltrate sensitive sectors. CloudSEK advises organizations to patch vulnerabilities, monitor DNS traffic, and enforce zero-trust security policies.
A fileless AsyncRAT campaign is targeting German-speaking users via a fake “I’m not a robot” prompt that executes malicious PowerShell code. Delivered through Clickfix-themed sites, it abuses system utilities to load obfuscated C# code in memory, enabling full remote access and credential theft. It persists via registry keys and communicates with a C2 server on port 4444. Organizations should block suspicious PowerShell activity and scan memory for threats.
Read all Whitepapers and reports from this Author
O relatório CloudSEK sobre o cenário de ameaças de 2025 no Oriente Médio revela um forte aumento nos ataques cibernéticos liderados por hacktivistas alinhados ao estado, grupos de ransomware e mercados da dark web. Finanças, governo e telecomunicações emergiram como os principais alvos, com mais de 748 incidentes coordenados e crescentes vazamentos de dados, extorsão e violações específicas do setor. Um relatório conciso e de alto impacto que os líderes devem ler para entender as ameaças em evolução de 2025
Read MoreRead all knowledge base articles from this Author
