Malware

ZuoRAT malware hijacks SOHO Routers to spy on the victims

A new RAT dubbed ZuoRAT was employed in a campaign aimed at small office/home office (SOHO) routers in North American…

3 years ago

LockBit 3.0 introduces important novelties, including a bug bounty program

The LockBit ransomware operators released LockBit 3.0 with important novelties, including a bug bounty program and Zcash payments. The Lockbit…

3 years ago

New Matanbuchus Campaign drops Cobalt Strike beacons

Matanbuchus malware-as-a-service (MaaS) has been observed spreading through phishing campaigns, dropping Cobalt Strike beacons. Threat intelligence firm Cyble has observed a…

3 years ago

Ukrainian telecommunications operators hit by DarkCrystal RAT malware

The Ukrainian CERT-UA warns of attacks against Ukrainian telecommunications operators involving the DarkCrystal RAT. The Governmental Computer Emergency Response Team…

3 years ago

Attackers exploited a zero-day in Mitel VOIP devices to compromise a network

Experts warn threat actors have exploited a zero-day vulnerability in a Mitel VoIP appliance in a ransomware attack. CrowdStrike researchers…

3 years ago

Google TAG argues that Italian surveillance firm RCS Labs was helped by ISPs to infect mobile users

Google's Threat Analysis Group (TAG) revealed that the Italian spyware vendor RCS Labs was supported by ISPs to spy on…

3 years ago

Chinese Tropic Trooper APT spreads a hacking tool laced with a backdoor

China-linked APT group Tropic Trooper has been spotted using previously undocumented malware written in the Nim language. Check Point Research uncovered an activity…

3 years ago

NSO Group told lawmakers that Pegasus spyware was used by at least 5 European countries

The Israeli surveillance firm NSO Group revealed that its Pegasus spyware was used by at least five European countries. The…

3 years ago

Magecart attacks are still around but are more difficult to detect

Researchers from Malwarebytes warn that the Magecart skimming campaign is active, but the attacks are more covert. Magecart threat actors…

3 years ago

Crooks are using RIG Exploit Kit to push Dridex instead of Raccoon stealer

Threat actors are using the Rig Exploit Kit to spread the Dridex banking trojan instead of the Raccoon Stealer malware.…

3 years ago