Infosecurity-magazine.com

Walmart Discovers New PowerShell Backdoor Linked to Zloader Malware

An unknown PowerShell backdoor has been discovered alongside a new variant of the Zloader/SilentNight malware, Walmart’s Cyber Intelligence Team has reported. The PowerShell backdoor has been ...
Bleeping Computer

Fake MAS Windows activation domain used to spread PowerShell malware

A typosquatted domain impersonating the Microsoft Activation Scripts (MAS) tool was used to distribute malicious PowerShell scripts that infect Windows systems with the 'Cosmali Loader'.

Fake error popups are spreading malware fast

Cybercriminals use ErrTraffic tool to automate malware distribution through fake browser error messages, with attacks ...
Dark Reading

Cut & Paste Tactics Import Malware to Unwitting Victims

Threat actors are using fake browser updates and software fixes to trick users into cutting/copying and pasting PowerShell scripts loaded with various malware strains — including remote access Trojans ...
GIGAZINE

Fake Windows activation domains used to spread PowerShell malware

typosquatting using names that are very similar to the domains used for activation in Microsoft Activation Scripts (MAS), an open-source tool that can activate licenses for Windows and Microsoft ...