Gootloader malware updated with PowerShell, sneaky JavaScript

30 January 2023

The operators behind Gootloader, a crew dubbed UNC2565, have upgraded the code in cunning ways to make it more intrusive and harder to find. Researchers with Google-owned security shop Mandiant started seeing significant changes to the Gootloader malware package – also known as Gootkit – in November 2022, including using multiple variations of FONELAUNCH, a .NET-based loader, as well as some newly developed payloads and obfuscation techniques.

Read full article on The Register

Date:

30 January 2023

Categorie(s):

NEWS

Tag(s):

IT, Microsoft, News, PowerShell

How insider threats can cause serious security breaches29 April 2024
Closing the cybersecurity skills gap with upskilling programs29 April 2024
Anticipating and addressing cybersecurity challenges29 April 2024
The next step up for high-impact identity authorization29 April 2024
Discord dismantles Spy.pet site that snooped on millions of users29 April 2024