-
Aug 28, 2023
Lockbit v3 (also known as Lockbit Black), surfaced in June 2022. However, September 2022 saw the leakage of its builder, enabling the creation of custom ransomware versions. The builder’s availability empowered any individual to tailor the ransomware, leading to the… read more »
-
Aug 13, 2023
Researchers at ESET have uncovered several cyber espionage campaigns carried out by the MoustachedBouncer group, which is linked to the Belarusian government. These cyber criminals used a variety of techniques to target foreign embassies in the country, using the NightClub… read more »
-
Aug 5, 2023
SOC Multi-tool is a browser extension with a wide range of features and capabilities. The project is community-driven and the developer (Zachary Henard) encourages users to contribute and share better resources. Available on the Chrome Web Store and compatible with… read more »
-
Jul 17, 2023
The task of adversary attribution and how it should be done is a controversial topic in the cyber threat intelligence community. This is because there is no standardized way of doing attribution, starting with naming the threat actors. Each security… read more »
-
Jul 14, 2023
Analysts from cybersecurity firm Wiz discovered a new fileless malware named PyLoose targeting cloud workloads to hijack their computational resources for Monero cryptocurrency mining. PyLoose is a Python script with a precompiled, base64-encoded XMRig miner, a widely abused open-source tool… read more »
-
Jul 8, 2023
Iran-linked threat actor APT42 has been identified as the source of a recent malware campaign that targets both Windows and macOS operating systems. APT42, also known as Charming Kitten, PHOSPHORUS and TA453, is a notorious nation-state actor known for its… read more »
-
Jul 6, 2023
A new and highly sophisticated threat called RedEnergy has emerged, targeting energy utilities, oil, gas, telecom, and machinery sectors in Brazil and the Philippines. This threat combines the functionalities of a stealer and ransomware, posing a significant risk to its… read more »
-
Jun 27, 2023
A new process injection technique called Mockingjay has been discovered by researchers at cybersecurity firm Security Joes. The technique allows threat actors to execute malicious code on compromised systems without being detected by Endpoint Detection and Response (EDR) and other… read more »