Cyware Feed _ 22 novembre 2022_ _ 0 Comments DEV-0569 Group Switches Tactics, Abuses Google Ads to Deliver Payloads DEV-0569 uses a malware downloader, BatLoader, that drops the next stage payloads (via PowerShell commands), including Royal ransomware and Cobalt Strike Beacon implant. Author QBot Uses DLL Hijacking, Abuses Control Panel Executable In a Fresh Attack Wave22 novembre 2022Analysis of Luna Moth Callback Phishing Campaign22 novembre 2022