The CERT of Ukraine (CERT-UA) revealed that Russia-linked threat actors have compromised multiple government websites this week. The Computer Emergency Response Team of Ukraine (CERT-UA) said that Russia-linked threat actors have breached multiple government websites this week. The government experts attribute the attack to UAC-0056 group (DEV-0586, unc2589, Nodaria, or Lorec53). “the Government Computer Emergency […]
Researchers warn of an evasive cryptojacking malware targeting macOS which spreads through pirated applications Jamf Threat Labs researchers reported that an evasive cryptojacking malware targeting macOS was spotted spreading under the guise of the Apple-developed video editing software, Final Cut Pro. Trojanized versions of legitimate applications are being used to deploy XMRig cryptocurrency miner on […]
Dariy Pankov, a Russian VXer behind the NLBrute malware, has been extradited to the United States from Georgia. The Russian national Dariy Pankov, aka dpxaker, is suspected to be the author of the NLBrute malware. The man has been extradited to the United States from Georgia. “Pankov, a citizen and resident of Russia, was taken […]
Dutch intelligence revealed that many cyber operations attributed to Russia against Ukraine and NATO members have yet to be publicly disclosed. According to a joint report published by the Dutch General Intelligence and Security Service (AIVD), and the Military Intelligence and Security Service (MIVD), many cyber operations conducted by Russia-linked hackers against Ukraine and NATO […]
Researchers warn that the MyloBot botnet is rapidly spreading and it is infecting thousands of systems worldwide. The MyloBot botnet has been active since 2017 and was first detailed by cybersecurity firm Deep Instinct in 2018. MyloBot is a highly evasive Windows botnet that supports advanced anti-analysis techniques. The first sample of the bot analyzed by the […]
Recently emerged HardBit ransomware gang adjusts their demands so the insurance company would cover the ransom cost. The HardBit ransomware group first appeared on the threat landscape in October 2022, but unlike other ransomware operations, it doesn’t use a double extortion model at this time. The gang threatens victims of further attacks if their ransom […]
Researchers spotted a new information stealer, called Stealc, which supports a wide set of stealing capabilities. In January 2023, researchers at SEKOIA.IO discovered a new information stealer, dubbed Stealc, which was advertised in the dark web forums. The malware was developed by a threat actor that uses the moniker Plymouth who claims the info-stealer supports a […]
The LockBit ransomware gang claims to have hacked Aguas do Porto, a Portuguese municipal water utility company. The LockBit ransomware gang claims to have hacked Aguas do Porto, a Portuguese municipal water utility company, and is threatening to leak the stolen data. Aguas do Porto is a municipal water utility company that manages the full […]
Experts spotted a malware dubbed Frebniis that abuses a Microsoft IIS feature to deploy a backdoor and monitor all HTTP traffic to the system. Broadcom Symantec researchers have spotted a new malware, tracked as Frebniis, that abuses Microsoft Internet Information Services (IIS) to deploy a backdoor and monitor all HTTP traffic to the infected system, […]
GoDaddy discloses a security breach, threat actors have stolen source code and installed malware on its servers in a long-runing attack. Web hosting company GoDaddy announced that attackers have stolen source code and installed malware on its servers. The threat actors have breached its cPanel shared hosting environment, the company states that it is not […]