Threat Research

    A multi-stage campaign linked to AsyncRAT abuses trusted infrastructure to evade detection and ensure reliable payload delivery. Threat actors leverage Cloudflare free-tier services and TryCloudflare tunnels to host WebDAV servers, while phishing emails delivered via Dropbox use double-extension files to trick victims....
    In August 2025, Kraken, a Russian-speaking ransomware group that emerged from the former HelloKitty cartel, conducted big-game hunting and double-extortion attacks. Cisco Talos observed the group exploiting SMB vulnerabilities for initial access, then using Cloudflared for persistence and SSHFS for pre-encryption data exfiltration....
    In early September 2025, Cloudflare partnered with Microsoft to dismantle the RaccoonO365 phishing-as-a-service (PhaaS) operation. The campaign targeted Microsoft 365 users using sophisticated phishing kits with CAPTCHA and anti-bot measures....
    In early November, a threat actor registered over 550 phishing domains impersonating legitimate booking sites, banks, crypto wallets, and restaurants. The email contact for these registrations is “ilotirabec207@gmail.com”....