From June 2023 to February 2024, specialists from Sophos‘s cyber intelligence division identified 19 different types of ransomware being offered for sale on four dark web forums for relatively modest sums, ranging from $20...
A service called Spy Pet has raised alarms among Discord users by offering archival and activity tracking services on the platform for a nominal fee of $5. Spy Pet enables third parties, potentially including...
A new type of banking malware for Android, named “SoumniBot,” employs an unconventional obfuscation method that leverages vulnerabilities in the process of extracting and analyzing the Android manifest. This allows it to circumvent standard...
Since 2015, certain Ukrainian government networks have remained infected with a malicious program known as OfflRouter. Researchers from Cisco Talos have analyzed over 100 infected documents, which enabled them to identify the virus’s ongoing...
Fortinet reports that malicious actors continue to exploit a year-old vulnerability in TP-Link routers, incorporating them into various botnets for conducting DDoS attacks. The command injection vulnerability, CVE-2023-1389 (CVSS score: 8.8), was identified at...
In 2023, the United States food and agriculture sector encountered no fewer than 167 ransomware attacks, ranking it as the seventh most vulnerable among all industries in the country, according to the inaugural annual...
The latest study by Kaspersky Lab delves into the ramifications of the LockBit 3.0 builder leak that occurred in 2022. This event significantly empowered cybercriminals to create highly customizable malicious software versions, enhancing the...
A team of cybersecurity experts has detected a resurgence of a cyberespionage campaign targeting users in South Asia. The objective of these attacks is to deploy a new version of the malicious software LightSpy,...
Recently, details emerged about a new cyberattack tool developed by the Iranian hacker group MuddyWater, also known as Boggy Serpens, Mango Sandstorm, and TA450. Affiliated with Iran’s Ministry of Intelligence and Security, this cybercriminal...
ESET reports on a new malicious campaign targeting users in South Asia, initiated in November 2021 and disseminating malware through specialized websites and the Google Play Store. The infected applications, while providing legitimate functionalities,...
In March 2024, cybercriminals launched an attack on dozens of organizations in Germany using a PowerShell script, presumably developed with the aid of artificial intelligence. The campaign involved the distribution of the infostealer Rhadamanthys....
Researchers have uncovered a new large-scale attack utilizing the malicious Raspberry Robin software. Since March 2024, cybercriminals have actively been distributing it through modified Windows Script Files (WSF). As noted by HP Wolf Security...
Cybersecurity specialists have uncovered a sophisticated multi-stage attack employing phishing messages themed around invoices to disseminate various types of malicious software, including Venom RAT, Remcos RAT, XWorm, NanoCore RAT, and different info stealers targeting...
Recently, researchers at Malwarebytes have observed an ongoing wave of cyber attacks targeted at system administrators via fraudulent advertisements for PuTTY and FileZilla utilities. These advertisements appear as sponsored results in the Google search...
A cybercriminal group from Romania, known under the codename “RUBYCARP,” is exploiting known vulnerabilities and brute force methods to breach corporate networks and servers for financial gain, according to a recent report by Sysdig....
Experts at Palo Alto Networks have discovered that cybercriminals are increasingly resorting to so-called “scanning attacks,” initiated by malicious software, to detect vulnerabilities within target networks. Intriguingly, a significant majority of such attacks originate...
