Alert: New Zero-Day Attacks Bypass Security Systems – December 2024 Threat Update

Latest Cyber Threats: A Comprehensive Analysis

Recent cybersecurity investigations have uncovered several sophisticated attack vectors threatening organizations worldwide. Here’s an analysis of the most significant current threats:

Zero-day Attack Using Corrupted Files
– Attackers are utilizing corrupted Word documents and ZIP archives to bypass security systems
– Files show zero detections on VirusTotal
– When opened with native applications, files self-restore and release malicious content
– The ANY.RUN sandbox successfully detects and analyzes these threats through its interactive cloud VM

Fileless Malware Campaign
– New attack utilizing Psloramyra loader to distribute Quasar RAT
– Employs a LOLBAS (living-off-the-land binaries and scripts) technique with PowerShell scripts
– Operates entirely in system memory, leaving no disk traces
– Maintains persistence through scheduled tasks running every two minutes
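
A defender-side check for the persistence pattern above, added here as an example (it is not from the original report): it parses Task Scheduler XML as exported by `schtasks /query /xml` and flags tasks that repeat at short intervals and launch a script host. The 300-second threshold, the script-host list and both sample task definitions are assumptions constructed for illustration.

```python
import re
import xml.etree.ElementTree as ET

NS = {"t": "http://schemas.microsoft.com/windows/2004/02/mit/task"}
DURATION = re.compile(r"^P(?:(\d+)D)?(?:T(?:(\d+)H)?(?:(\d+)M)?(?:(\d+)S)?)?$")
# Assumption: interpreters worth flagging when run on a tight schedule.
SCRIPT_HOSTS = {"powershell", "pwsh", "wscript", "cscript", "mshta", "cmd"}

def duration_seconds(text):
    """Convert an ISO 8601 duration such as PT2M to seconds (None if unparsable)."""
    m = DURATION.match((text or "").strip())
    if not m or not any(m.groups()):
        return None
    d, h, mi, s = (int(g or 0) for g in m.groups())
    return d * 86400 + h * 3600 + mi * 60 + s

def review_task(xml_text, max_interval=300):
    """Return one finding per Exec action that pairs a short repetition with a script host."""
    root = ET.fromstring(xml_text)
    intervals = [duration_seconds(e.text) for e in root.iterfind(".//t:Repetition/t:Interval", NS)]
    fast = [i for i in intervals if i is not None and i <= max_interval]
    findings = []
    for exe in root.iterfind(".//t:Actions/t:Exec", NS):
        cmd = (exe.findtext("t:Command", "", NS) or "").strip().strip('"').lower()
        stem = cmd.rsplit("\\", 1)[-1].removesuffix(".exe")  # executable name only
        if fast and stem in SCRIPT_HOSTS:
            args = exe.findtext("t:Arguments", "", NS) or ""
            findings.append({"interval_s": min(fast), "host": stem, "arguments": args})
    return findings

# Constructed sample: PowerShell repeated every two minutes (placeholder script path).
SAMPLE_SUSPICIOUS = r"""<Task xmlns="http://schemas.microsoft.com/windows/2004/02/mit/task">
  <Triggers><TimeTrigger>
    <Repetition><Interval>PT2M</Interval></Repetition>
  </TimeTrigger></Triggers>
  <Actions><Exec>
    <Command>C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe</Command>
    <Arguments>-NoProfile -File C:\Example\placeholder.ps1</Arguments>
  </Exec></Actions>
</Task>"""

# Constructed sample: a daily updater that should not be flagged.
SAMPLE_BENIGN = r"""<Task xmlns="http://schemas.microsoft.com/windows/2004/02/mit/task">
  <Triggers><TimeTrigger><Repetition><Interval>P1D</Interval></Repetition></TimeTrigger></Triggers>
  <Actions><Exec><Command>C:\Program Files\Example\updater.exe</Command></Exec></Actions>
</Task>"""

if __name__ == "__main__":
    print(review_task(SAMPLE_SUSPICIOUS))
    print(review_task(SAMPLE_BENIGN))
```

Because the payload in this kind of campaign stays in memory, the task definition is one of the few artifacts left to review; treat a hit as a lead for triage, since legitimate management agents also schedule script hosts.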

Azure Blob Storage Exploitation
– Phishing campaigns hosted on Azure cloud storage
– Uses a *.blob[.]core[.]windows[.]net subdomain
– Collects the victim’s system information to appear legitimate
– Targets user credentials through fake login forms

Emmenhtal Loader Operations
– Multi-stage attack chain using various scripts
– Process includes:
  – LNK file initialization
  – PowerShell execution
  – AES encryption/decryption
– Delivers various malware including Lumma, Amadey, and others

These emerging threats demonstrate the evolving sophistication of cyber attacks, emphasizing the importance of advanced security measures and continuous monitoring.
