North Korean hackers exploited the eScan antivirus update mechanism to embed backdoors into corporate networks and disseminate cryptocurrency miners using the malicious software, GuptiMiner. Cybersecurity firm Avast reports that the perpetrators conducted an adversary-in-the-middle...
According to a recent report by Cisco Talos, the CoralRaider group is utilizing CDN platforms to disseminate malware in the United States, the United Kingdom, Germany, and Japan. The campaign aims to pilfer credentials,...
On April 17, researchers at Zscaler exposed a malicious software distribution campaign targeting IT professionals. This operation employs deceptive advertising of popular network utilities to implant a new backdoor named MadMxShell. The campaign was...
Cybersecurity experts from Fortinet have identified a new malicious package in the PyPI registry for developers, aimed at stealing user data from Discord. The package, named “discordpy_bypass-1.7,” was published on March 10, 2024, and...
In the first quarter of 2024, the percentage of companies that agreed to pay ransoms to cybercriminals reached a record low of 28%. This statistic was provided by Coveware, a firm specializing in cybersecurity....
The operator of the HelloKitty ransomware program has announced a rebranding to HelloGookie and has released passwords for previously leaked source codes of CD Projekt RED, information about Cisco networks, as well as decryption...
From June 2023 to February 2024, specialists from Sophos‘s cyber intelligence division identified 19 different types of ransomware being offered for sale on four dark web forums for relatively modest sums, ranging from $20...
A service called Spy Pet has raised alarms among Discord users by offering archival and activity tracking services on the platform for a nominal fee of $5. Spy Pet enables third parties, potentially including...
A new type of banking malware for Android, named “SoumniBot,” employs an unconventional obfuscation method that leverages vulnerabilities in the process of extracting and analyzing the Android manifest. This allows it to circumvent standard...
Since 2015, certain Ukrainian government networks have remained infected with a malicious program known as OfflRouter. Researchers from Cisco Talos have analyzed over 100 infected documents, which enabled them to identify the virus’s ongoing...
Fortinet reports that malicious actors continue to exploit a year-old vulnerability in TP-Link routers, incorporating them into various botnets for conducting DDoS attacks. The command injection vulnerability, CVE-2023-1389 (CVSS score: 8.8), was identified at...
In 2023, the United States food and agriculture sector encountered no fewer than 167 ransomware attacks, ranking it as the seventh most vulnerable among all industries in the country, according to the inaugural annual...
The latest study by Kaspersky Lab delves into the ramifications of the LockBit 3.0 builder leak that occurred in 2022. This event significantly empowered cybercriminals to create highly customizable malicious software versions, enhancing the...
A team of cybersecurity experts has detected a resurgence of a cyberespionage campaign targeting users in South Asia. The objective of these attacks is to deploy a new version of the malicious software LightSpy,...
Recently, details emerged about a new cyberattack tool developed by the Iranian hacker group MuddyWater, also known as Boggy Serpens, Mango Sandstorm, and TA450. Affiliated with Iran’s Ministry of Intelligence and Security, this cybercriminal...
ESET reports on a new malicious campaign targeting users in South Asia, initiated in November 2021 and disseminating malware through specialized websites and the Google Play Store. The infected applications, while providing legitimate functionalities,...
