A multi-stage phishing campaign targeting Russia abuses GitHub and Dropbox to disable Microsoft Defender and deploy Amnesia RAT and ransomware.

The Tidyverse Blog offers insights, tutorials, and updates on the Tidyverse, a collection of R packages for data science and statistical computing. Covering topics such as data manipulation, visualization, and analysis, the blog provides resources for R developers looking to leverage the power of the Tidyverse for their data projects. Developers can learn how to use Tidyverse packages effectively to clean, transform, and analyze data in R.

The Hacker News

A sophisticated multi-stage phishing campaign targeting Russian organizations uses GitHub and Dropbox to distribute malware while disabling Microsoft Defender through the defendnot tool. The attack chain deploys Amnesia RAT for comprehensive data theft and remote control, along with Hakuna Matata-derived ransomware for file encryption. The campaign leverages social engineering with business-themed documents, PowerShell scripts, and Visual Basic scripts to establish persistence, disable security controls, and exfiltrate data via Telegram Bot API. Similar campaigns like Operation DupeHike are also targeting Russian corporate entities with DUPERUNNER implant and AdaptixC2 framework.

Multi-Stage Phishing Campaign Targets Russia with Amnesia RAT and Ransomware