Curly COMrades: Evasion and Persistence via Hidden Hyper-V Virtual Machines

This investigation, conducted with support from the Georgian CERT, uncovered new tools and techniques used by the Curly COMrades threat actor. It established covert, long-term access to victim ...
Windows Latest

Windows 11 is auto-installing People, Files, and Calendar Microsoft 365 apps on business PCs

Microsoft 365 Business/Enterprise is auto-installing three new apps: "People", "Files," and "Calendar" on Windows 11.
CSO Online

Russian APT abuses Windows Hyper-V for persistence and malware execution

Recently documented Curly COMrades group bypasses traditional host-based EDR solutions by spinning up VMs with deceptive ...

Russian hackers hit Windows machines via Linux VMs with new custom malware

Russian hackers known as Curly COMrades have been seen hiding their malware in Linux-based virtual machines (VM) deployed on ...
Cybernews

Russian hackers sneak a full Linux virtual machine inside Windows to run undetected

Russian hackers are abusing Microsoft Hyper-V to create a hidden Linux virtual machine within the victim’s host, enabling ...
Redmondmag.com

Best Practices for PowerShell Dot Sourcing, Part 1

Dot sourcing can simplify large PowerShell scripts -- but without a clear structure, it can quickly lead to chaos.

Russian hackers abuse Hyper-V to hide malware in Linux VMs

The Russian hacker group Curly COMrades is abusing Microsoft Hyper-V in Windows to bypass endpoint detection and response ...