Malware

China-linked Winnti APT steals intellectual property from companies worldwideChina-linked Winnti APT steals intellectual property from companies worldwide

China-linked Winnti APT steals intellectual property from companies worldwide

A sophisticated cyberespionage campaign, dubbed Operation CuckooBees, conducted by the China-linked Winnti group remained undetected since at least 2019. Researchers…

3 years ago
Experts linked multiple ransomware strains North Korea-backed APT38 groupExperts linked multiple ransomware strains North Korea-backed APT38 group

Experts linked multiple ransomware strains North Korea-backed APT38 group

Researchers from Trellix linked multiple ransomware strains to the North Korea-backed APT38 group. The ransomware was employed in attacks on…

3 years ago
An expert shows how to stop popular ransomware samples via DLL hijackingAn expert shows how to stop popular ransomware samples via DLL hijacking

An expert shows how to stop popular ransomware samples via DLL hijacking

A security researcher discovered that samples of Conti, REvil, LockBit ransomware were vulnerable to DLL hijacking. The security researcher John…

3 years ago
UNC3524 APT uses IP cameras to deploy backdoors and target ExchangeUNC3524 APT uses IP cameras to deploy backdoors and target Exchange

UNC3524 APT uses IP cameras to deploy backdoors and target Exchange

A new APT group, tracked as UNC3524, uses IP cameras to deploy backdoors and steal Microsoft Exchange emails. Mandiant researchers…

3 years ago
The mystery behind the samples of the new REvil ransomware operationThe mystery behind the samples of the new REvil ransomware operation

The mystery behind the samples of the new REvil ransomware operation

The REvil ransomware gang has resumed its operations, experts found a new encryptor and a new attack infrastructure. The REvil ransomware…

3 years ago
Russia-linked APT29 targets diplomatic and government organizationsRussia-linked APT29 targets diplomatic and government organizations

Russia-linked APT29 targets diplomatic and government organizations

Russia-linked APT29 (Cozy Bear or Nobelium) launched a spear-phishing campaign targeting diplomats and government entities. In mid-January 2022, security researchers…

3 years ago
Emotet tests new attack chain in low volume campaignsEmotet tests new attack chain in low volume campaigns

Emotet tests new attack chain in low volume campaigns

Emotet operators are testing new attack techniques in response to Microsoft's move to disable Visual Basic for Applications (VBA) macros…

3 years ago
Bumblebee, a new malware loader used by multiple crimeware threat actorsBumblebee, a new malware loader used by multiple crimeware threat actors

Bumblebee, a new malware loader used by multiple crimeware threat actors

Threat actors have replaced the BazaLoader and IcedID malware with a new loader called Bumblebee in their campaigns. Cybercriminal groups…

3 years ago
Conti ransomware operations surge despite the recent leakConti ransomware operations surge despite the recent leak

Conti ransomware operations surge despite the recent leak

Conti ransomware gang continues to target organizations worldwide despite the massive data leak has shed light on its operations. Researchers…

3 years ago
North Korea-linked APT37 targets journalists with GOLDBACKDOORNorth Korea-linked APT37 targets journalists with GOLDBACKDOOR

North Korea-linked APT37 targets journalists with GOLDBACKDOOR

North Korea-linked APT37 group is targeting journalists that focus on DPRK with a new piece of malware. North Korea-linked APT37…

3 years ago
Show more Posts
Show previous Posts