Malware & Threats: Qakbot Hackers Continue to Push Malware After Takedown Attempt. Qakbot cybercriminals continue to push malware, which shows they are still operational after the recent takedown attempt. (Eduard Kovacs, October 5, 2023)
Cyberwarfare: UAE-Linked APT Targets Middle East Government With New ‘Deadglyph’ Backdoor. UAE-linked APT group Stealth Falcon has used the new Deadglyph backdoor in an attack targeting a governmental entity in the Middle East. (Ionut Arghire, September 26, 2023)
Malware & Threats: Threat Actors Adopt, Modify Open Source ‘SapphireStealer’ Information Stealer. Cisco has observed multiple threat actors adopting the SapphireStealer information stealer after its source code was released on GitHub. (Ionut Arghire, September 1, 2023)
Cyberwarfare: Five Eyes Report: New Russian Malware Targeting Ukrainian Military Android Devices. Five Eyes report details 'Infamous Chisel' malware used by Russian state-sponsored hackers to target the Ukrainian military’s Android devices. (Eduard Kovacs, August 31, 2023)
Malware & Threats: DreamBus Botnet Exploiting RocketMQ Vulnerability to Deliver Cryptocurrency Miner. The DreamBus botnet has resurfaced and has been exploiting a recently patched Apache RocketMQ vulnerability to deliver a Monero miner. (Eduard Kovacs, August 30, 2023)
Malware & Threats: Mysterious Malware Uses Wi-Fi Scanning to Get Location of Infected Device. Mysterious Whiffy Recon malware scans for nearby Wi-Fi access points to obtain the location of the infected device. (Eduard Kovacs, August 24, 2023)
Cybercrime: Researchers Uncover Real Identity of CypherRAT and CraxsRAT Malware Developer. Cyfirma security researchers uncover the real identity of the CypherRAT and CraxsRAT malware developer and MaaS operator. (Ionut Arghire, August 21, 2023)
Malware & Threats: Thousands of Systems Turned Into Proxy Exit Nodes via Malware. Threat actors have been observed deploying a proxy application on Windows and macOS systems that were infected with malware. (Ionut Arghire, August 17, 2023)
Malware & Threats: CISA Analyzes Malware Used in Barracuda ESG Attacks. CISA has shared analysis reports on three malware families obtained from an organization hacked via a recent Barracuda ESG vulnerability. (Ionut Arghire, July 31, 2023)
Cybercrime: Black Hat Hacker Exposes Real Identity After Infecting Own Computer With Malware. A threat actor’s real identity was uncovered after they infected their own computer with an information stealer. (Ionut Arghire, July 18, 2023)
Malware & Threats: Millions of Smartphones Distributed Worldwide With Preinstalled ‘Guerrilla’ Malware. A threat actor tracked as Lemon Group has control over millions of smartphones distributed worldwide thanks to preinstalled Guerrilla malware. (Eduard Kovacs, May 18, 2023)
Malware & Threats: New ‘Lobshot’ hVNC Malware Used by Russian Cybercriminals. Russian cybercrime group TA505 has been observed using new hVNC malware called Lobshot in recent attacks. (Ionut Arghire, May 1, 2023)