-
Sep 26, 2023
RansomedVC is a recent ransomware collective, which was initially detected by Malwarebytes and SocRadar in August 2023 after publishing information about nine victims on its dark web page: It gained notoriety after announcing that it had violated SONY: The singular… read more »
-
Sep 24, 2023
Stealth Falcon APT (aka Project Raven or FruityArmor), a state-sponsored hacking group from the United Arab Emirates (UAE), is mainly known for targeting activists, journalists, and dissidents in the Middle East. Cybersecurity researchers from ESET have discovered a previously undocumented… read more »
-
Sep 15, 2023
UNC3944, a financially motivated threat group, has been leveraging SMS phishing (smishing) campaigns to target organizations and gain unauthorized access to their systems. According to a detailed report by Mandiant, the group uses phone-based social engineering and smishing to obtain… read more »
-
Aug 29, 2023
Japan’s computer emergency response team (JPCERT) recently identified a new attack method named ‘MalDoc in PDF’, which manages to elude detection by incorporating a malicious Word file within a PDF file. According to researchers, a MalDoc in PDF file possesses… read more »
-
Aug 28, 2023
Lockbit v3 (also known as Lockbit Black), surfaced in June 2022. However, September 2022 saw the leakage of its builder, enabling the creation of custom ransomware versions. The builder’s availability empowered any individual to tailor the ransomware, leading to the… read more »
-
Aug 13, 2023
Researchers at ESET have uncovered several cyber espionage campaigns carried out by the MoustachedBouncer group, which is linked to the Belarusian government. These cyber criminals used a variety of techniques to target foreign embassies in the country, using the NightClub… read more »
-
Aug 5, 2023
SOC Multi-tool is a browser extension with a wide range of features and capabilities. The project is community-driven and the developer (Zachary Henard) encourages users to contribute and share better resources. Available on the Chrome Web Store and compatible with… read more »
-
Jul 17, 2023
The task of adversary attribution and how it should be done is a controversial topic in the cyber threat intelligence community. This is because there is no standardized way of doing attribution, starting with naming the threat actors. Each security… read more »
-
Jul 14, 2023
Analysts from cybersecurity firm Wiz discovered a new fileless malware named PyLoose targeting cloud workloads to hijack their computational resources for Monero cryptocurrency mining. PyLoose is a Python script with a precompiled, base64-encoded XMRig miner, a widely abused open-source tool… read more »
-
Jul 8, 2023
Iran-linked threat actor APT42 has been identified as the source of a recent malware campaign that targets both Windows and macOS operating systems. APT42, also known as Charming Kitten, PHOSPHORUS and TA453, is a notorious nation-state actor known for its… read more »
-
Jul 6, 2023
A new and highly sophisticated threat called RedEnergy has emerged, targeting energy utilities, oil, gas, telecom, and machinery sectors in Brazil and the Philippines. This threat combines the functionalities of a stealer and ransomware, posing a significant risk to its… read more »
-
Jun 27, 2023
A new process injection technique called Mockingjay has been discovered by researchers at cybersecurity firm Security Joes. The technique allows threat actors to execute malicious code on compromised systems without being detected by Endpoint Detection and Response (EDR) and other… read more »
-
Jun 25, 2023
Crostini is the technology used by Google to make Linux application support easy to use and integrate well with Chrome OS. The goal of this guide use the Chrome OS Terminal with Arch Linux distros alongside the default penguin (stripped-down)… read more »
-
Jun 22, 2023
Apple has released security patches to address two zero-day vulnerabilities (CVE-2023-32434 and CVE-2023-32439) exploited in the spyware campaign known as Operation Triangulation. The spyware TriangleDB, active since 2019 and discovered by cybersecurity firm Kaspersky, targets its victims by sending malicious… read more »
-
Jun 17, 2023
According to a recent research, The Onion Router network, which provides anonymity and resistance to identification and tracking, has a new vulnerability that could compromise the anonymity of its users. Already in 2014, Tor issued a security advisory after discovering… read more »
-
Jun 16, 2023
‘There are so many fragile things, after all. People break so easily, and so do dreams and hearts.’ Inspired by the literary work of Neil Gaiman, this collection of five tracks aims to take you on a relaxing journey exploring… read more »
-
Jun 15, 2023
A suspected pro-China threat group, UNC4841, has been identified as the perpetrator of data-theft attacks on Barracuda Email Security Gateway (ESG) appliances. The group exploited a now-patched zero-day vulnerability, CVE-2023-2868, to gain unauthorized access and steal sensitive data. Mandiant, a… read more »
-
Jun 13, 2023
Greg Brockman, one of the co-founders of OpenAI, created a demo for a TED Talk in which ChatGPT is given the ability to access the Internet and external services. The ChatBot, with access to external reality, consults documents, provides links… read more »
-
Jun 10, 2023
The threat actor known as Asylum Ambuscade has been observed straddling cybercrime and cyber espionage operations since at least early 2020. In a recent analysis by ESET, it was revealed that Asylum Ambuscade is a crimeware group targeting bank customers… read more »
-
Jun 7, 2023
A new ransomware group named Rhysida has emerged in the cyber threat landscape, targeting various organizations between 23 May 2023 and 4 June 2023. This group has already made its presence known by naming and targeting multiple victims, which include… read more »