SNOW Malware Ecosystem Uses Teams Phishing, WebSocket Tunnels, and Browser Extensions

Threat actors are increasingly chaining classic phishing with collaboration platforms and covert tunneling to create highly believable intrusion paths. A recent multi-stage campaign attributed to UNC6692 exposes how adversaries combine email bombardment, Microsoft Teams impersonation, malicious browser extensions, WebSocket tunnels,…

Chrome 150 Update Patches 27 Vulnerabilities

The security refresh resolves 13 use-after-free bugs, including two critical-severity flaws found by Google. The post Chrome 150 Update Patches 27 Vulnerabilities appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Chrome 150 Update…

Everest Ransomware Encryptor Uses ConfuserEx-Protected .NET Binary With Wake-on-LAN Capability

A recent technical analysis of an Everest ransomware encryptor reveals a purpose-built, ConfuserEx-protected .NET 4.0 binary that combines heavy obfuscation, misleading cryptographic declarations, and uncommon network tactics to maximize impact and impede response. The analyzed sample (hlntqyun.exe, SHA-256 1df92b…) is…

New Helix Extortion Group Targets Enterprises With MFA Abuse and SharePoint Exfiltration

A previously unreported data extortion operation dubbed “Helix” that targets enterprises using identity-focused entry techniques and automated SharePoint exfiltration. The group’s playbook combines voice phishing (vishing), device-code phishing to capture session tokens and bypass Conditional Access controls, rapid MFA registration…