Cybersecurity researchers have unveiled new details about a remote access Trojan called Deuterbear RAT, used by the China-affiliated hacker group BlackTech in a cyber-espionage campaign targeting the Asia-Pacific region. BlackTech, active since at least...
The cybersecurity firm Symantec has identified a new tool employed by the North Korean group Kimsuki, targeting governmental and commercial organizations in South Korea. This new malware, named Gomir, is the Linux version of...
The Microsoft Threat Intelligence team has uncovered a new campaign by the group Storm-1811, utilizing the Quick Assist tool to conduct social engineering attacks on users. Quick Assist is a legitimate Microsoft application that...
According to a recent report by ESET, the Ebury botnet has infected nearly 400,000 Linux servers since 2009. As of the end of 2023, approximately 100,000 servers remain at risk. ESET researchers have been...
Researchers have identified an actively evolving social engineering campaign aimed at gaining initial access to corporate IT systems for further exploitation. The perpetrators bombard enterprises with spam emails to capture the attention of employees....
Since April of this year, millions of phishing emails have been sent through the Phorpiex botnet as part of a large-scale campaign employing LockBit Black ransomware. This warning comes from the New Jersey Cybersecurity...
Security researchers from Phylum have discovered a malicious package in the popular PyPI repository, masquerading as the well-known library “requests,” but posing a significant threat to the entire developer community. The package, named “requests-darwin-lite,”...
eSentire has reported a new wave of attacks by the FIN7 hacker group, which has disguised itself as well-known brands to distribute malware. The attacks targeted users who clicked on fake ads in Google,...
Recently, cybersecurity experts have detected a new version of HijackLoader malware, now featuring enhanced methods to thwart analysis. This upgrade enables the malware to remain undetected within compromised networks for extended periods. Researchers at...
The intelligence services revived the seized LockBit website to announce new information disclosed by law enforcement agencies. Following the extensive “Chronos” operation, authorities dismantled the LockBit infrastructure and transformed one of its leak sites...
Researchers from Kandjii have identified a new piece of malicious software named Cuckoo, targeted at Apple macOS systems. This malware not only establishes a persistent presence in infected systems but also performs a range...
The cyberespionage group APT42 employs social engineering to infiltrate corporate networks and cloud environments in the West and the Middle East. Mandiant, which first documented the group’s activities in September 2022, reports that APT42...
Yaroslav Vasinskyi was sentenced to 13 years and seven months in prison in the United States for his involvement in major cyberattacks using the REvil ransomware virus. In addition to his prison term, the...
In Finland, cybercriminals have intensified their efforts, deploying malicious Android applications aimed at hacking bank accounts, as warned by the local Finnish Transport and Communications Agency (Traficom). These fraudsters are sending SMS messages in...
According to Amnesty International, Indonesia has been covertly acquiring spyware through a complex network of intermediaries spanning from Israel to Greece, Singapore, and Malaysia. The organization asserts that its investigation has uncovered a systemic...
Cybersecurity experts from the ASEC laboratory have uncovered a series of sophisticated cyberattacks targeting Microsoft SQL Servers (MS-SQL). The group known as TargetCompany is deploying the Mallox ransomware to encrypt systems and extort victims....
