Experts recently discovered a multi-platform ransomware, dubbed Tycoon Ransomware, that uses a Java image file (JIMAGE) to evade detection. Experts from BlackBerry Threat Intelligence and KPMG recently discovered a new strain of multi-platform ransomware dubbed Tycoon ransomware. The Tycoon ransomware was used in highly targeted attacks, its operators recently targeted small to medium-sized companies and […]
A Chinese threat actor tracked as Cycldek (aka Goblin Panda, or Conimes) has developed new tool to steal information from air-gapped systems. Security experts from Kaspersky Lab reported that the Chinese threat actor tracked as Cycldek (aka Goblin Panda, or Conimes) has developed new tool to steal information from air-gapped systems. The Cycldek group was […]
This post includes the details of the Coronavirus-themed attacks launched from May 24 to May 30, 2020. Threat actors exploit the interest in the Coronavirus outbreak while infections increase worldwide, experts are observing new campaigns on a daily bases. Below a list of attacks detected this week. May 26 – Hangzhou could permanently adopt COVID-19 […]
Security researchers uncovered a new COVID-19-themed campaign targeting users of the National Institute for Social Security (INPS). Security experts from D3Lab have uncovered a new COVID-19-themed phishing campaign that is targeting the users of the Italian National Institute for Social Security (INPS). Like a previous campaign observed in early April, threat actors set up a fake […]
Threat actors targeted industrial suppliers in Japan and several European countries in sophisticated attacks, Kaspersky reported. Researchers from Kaspersky’s ICS CERT unit reported that threat actors targeted industrial suppliers in Japan and several European countries in sophisticated attacks. The experts first observed the attacks in early 2020, while in early May, threat actors targeted organizations […]
Valak malware has rapidly changed over the past six months, it was initially designed as a loader, but now it implemented infostealer capabilities. The Valak malware completely changed over the past six months, it was first developed to act as a loader, but now it implements also infostealer capabilities. The malicious code fist appeared in […]
The Ke3chang hacking group added a new malware dubbed Ketrum to its arsenal, it borrows portions of code and features from older backdoors. The Ke3chang hacking group (aka APT15, Vixen Panda, Playful Dragon, and Royal APT) has developed new malware dubbed Ketrum by borrowing parts of the source code and features from their older Ketrican and […]
Microsoft is warning organizations to deploy protections against a new strain of PonyFinal ransomware that has been in the wild over the past two months. Microsoft’s security team issued a series of tweets warning organizations to deploy protections against a new piece of ransomware dubbed PonyFinal that has been in the wild over the past […]
A joint operations conducted by experts from Chinese firms Qihoo 360 Netlab and Baidu dismantle the ShuangQiang ‘s botnet infecting over hundreds of thousands of systems. A joint operation conducted by Chinese security firm Qihoo 360 Netlab and tech giant Baidu disrupted a botnet operated by a group tracked as ShuangQiang (aka Double Gun) that infected […]
Researchers uncovered a new advanced variant of Turla’s ComRAT backdoor that leverages Gmail’s web interface as C2 infrastructure. Cybersecurity researchers discovered a new version of the ComRAT backdoor, also known as Agent.BTZ, which is a malware that was employed in past campaigns attributed to the Turla APT group. Earlier versions of Agent.BTZ were used to […]