Skeleton Spider, also known as FIN6, is a long-running financially motivated cybercrime group that has continually evolved its tactics to maximize impact and profit. While the group initially gaine...
Key Takeaways DanaBot is a Malware-as-a-Service platform that emerged in 2018 with numerous capabilities to facilitate banking fraud, information theft, and provide remote access. The platform has ...
◈ Executive Summary Deployed a covert infiltration strategy using a three-stage communication channel: Facebook, email, and Telegram. Lured targets with seemingly credible content related to Nort...
Overview APT41 is a highly sophisticated Chinese state-sponsored threat actor known for conducting both espionage and financially motivated cyberattacks. This group targets a wide range of sectors,...
NEW: CVE vendor-product description metric Referenceurl title GithubURL CVE-2023-38674 PaddlePaddle - PaddleP...
The FBI has issued a warning that BADBOX 2.0 malware is surging through residential consumer electronics, infecting millions of internet-connected devices. The malware, often preloaded onto inexpen...
Introduction Seqrite Labs APT-Team has recently found a campaign targeting the Chinese Telecom Industry. The campaign is aimed at targeting China Mobile Tietong Co., Ltd., which is a well-known su...
Understanding the landscape of cyber threats, particularly Russian-affiliated ransomware, is a complex and evolving challenge. The traditional model of tracking distinct, unified ransomware groups ...
In 2024, we discovered new Windows-based malware called Blitz. This article provides an in-depth analysis of the malware, examines its distribution, and reviews Blitz malware’s command and control ...
The abuse of known security flaws to deploy bots on vulnerable systems is a widely recognized problem. Many automated bots constantly search the web for known vulnerabilities in servers and devices...
NEW: CVE vendor-product description metric Referenceurl title GithubURL CVE-2023-6980 mostafas1990 - WP SMS –...
Paige had been looking forward to it since she bought the new console. However, it wasn’t to be. “We didn’t even make it as far as starting to download the game, because it wouldn’t let me log in t...
Source: Symantec Excerpt: “Extensions analyzed expose information such as browsing domains, machine IDs, OS details, usage analytics, and more. Many users assume that popular Chrome extensions ad...
Ukraine has seen nearly one-fifth of its Internet space come under Russian control or sold to Internet address brokers since February 2022, a new study finds. The analysis indicates large chunks of...
Law enforcement agencies recently dismantled avcheck[.]net through Operation Endgame, a major international effort targeting cybercrime infrastructure. This platform was known for helping cybercrim...
Cisco Talos observed a destructive attack on a critical infrastructure entity within Ukraine, using a previously unknown wiper we are calling “PathWiper”. The attack was instrumented via a legitim...
ClickFix is not a malware, but a very successful social engineering technique. It primarily relies on MFA verification fatigue and fake CAPTCHA pages to silently install malware. Researchers have ...
Three Key Takeaways: Chinese state-sponsored hackers infiltrated a U.S. telecommunications company as early as the summer of 2023, a full year before previously known breaches. The malware re...
In 2024, ESET researchers discovered several malicious tools in the systems used by Kurdish and Iraqi government officials. The APT group behind the attacks is BladedFeline, an Iranian threat actor...
Recently, we came across a detection in our telemetry report named “PM KISAN YOJNA”, masquerading as the official government application that has gained our attention. This latest Android malware i...