Malware

ALPHV/BlackCat ransomware gang starts publishing victims’ data on the clear web

ALPHV/BlackCat ransomware group began publishing victims' data on the clear web to increase the pressure on them and force them to…

3 years ago
Malicious apps continue to spread through the Google Play Store

Researchers at antivirus firm Dr. Web discovered malware in the Google Play Store that was downloaded two million times. An…

3 years ago
Panchan Golang P2P botnet targeting Linux servers in cryptomining campaign

Researchers discovered a new Golang-based peer-to-peer (P2P) botnet, dubbed Panchan, targeting Linux servers in the education sector since March 2022.…

3 years ago
SeaFlower campaign distributes backdoored versions of Web3 wallets to steal seed phrases

Chinese cybercriminals are using SeaFlower backdoored versions of iOS and Android Web3 wallets to steal users’ seed phrase. Researchers from…

3 years ago
Experts spotted Syslogk, a Linux rootkit under development

Experts spotted a new Linux rootkit, dubbed ‘Syslogk,’ that uses specially crafted "magic packets" to activate a dormant backdoor on the…

3 years ago
Russia-linked APT targets Ukraine by exploiting the Follina RCE vulnerability

Ukraine's Computer Emergency Response Team (CERT) warns that the Russia-linked Sandworm APT group may exploit the Follina RCE vulnerability. Ukraine's…

3 years ago
GALLIUM APT used a new PingPull RAT in recent campaigns

China-linked Gallium APT employed a previously undocumented RAT, tracked as PingPull, in a recent cyber espionage campaign targeting South Asia, Europe,…

3 years ago
HelloXD Ransomware operators install MicroBackdoor on target systems

Experts observed the HelloXD ransomware deploying a backdoor to facilitate persistent remote access to infected hosts. The HelloXD ransomware first appeared…

3 years ago
Ransomware gangs are exploiting CVE-2022-26134 RCE in Atlassian Confluence servers

Ransomware gangs are actively exploiting the CVE-2022-26134 remote code execution (RCE) flaw in Atlassian Confluence Server and Data Center. Multiple ransomware…

3 years ago
Iran-linked Lyceum APT adds a new .NET DNS Backdoor to its arsenal

Iran-linked Lyceum APT group uses a new .NET-based DNS backdoor to target organizations in the energy and telecommunication sectors. The…

3 years ago