Cybersecurity researchers have uncovered a malware campaign that uses false software installers to deliver the Winos 4.0 framework. The campaign leverages gaming apps and VPN tools as bait for users. The malware, named Catena, essentially takes control over the entire infected system and connects with attacker-controlled servers for further commands. The campaigns tend to target Chinese-speaking environments, indicating the potential involvement of Chinese-originated threat actor Silver Fox.
Swarmer Tool Evading EDR With a Stealthy Modification on Windows Registry for Persistence
Praetorian Inc. has publicly released Swarmer, a tool enabling low-privilege attackers to achieve stealthy Windows registry persistence by sidestepping Endpoint Detection and Response (EDR) monitoring.
