Malware & Threats | Elusive Chinese Cyberspy Group Hijacks Software Updates to Deliver Malware | The China-linked cyberespionage group Blackwood has been caught delivering malware to entities in China and Japan. | Ionut Arghire | January 26, 2024
Malware & Threats | Information Stealer Exploits Windows SmartScreen Bypass | Attackers exploit a recent Windows SmartScreen bypass vulnerability to deploy the Phemedrone information stealer. | Ionut Arghire | January 15, 2024
Malware & Threats | Several Infostealers Using Persistent Cookies to Hijack Google Accounts | A vulnerability in Google’s authentication process allows malware to restore cookies and hijack user sessions. | Ionut Arghire | January 3, 2024
Malware & Threats | 21 New Mac Malware Families Emerged in 2023 | A total of 21 new malware families targeting macOS systems were discovered in 2023, a 50% increase compared to 2022. | Eduard Kovacs | January 3, 2024
Malware & Threats | North Korean Hackers Developing Malware in Dlang Programming Language | North Korean hackers have used Dlang-based malware in attacks against manufacturing, agriculture, and physical security organizations. | Ionut Arghire | December 11, 2023
Malware & Threats | ‘BlazeStealer’ Malware Delivered to Python Developers Looking for Obfuscation Tools | Checkmarx uncovers a malicious campaign targeting Python developers with malware that takes over their systems. | Ionut Arghire | November 9, 2023
Malware & Threats | New MacOS Malware Linked to North Korean Hackers | New macOS malware, tracked by Jamf as ObjCShellz, is likely being used by North Korean hackers to target crypto exchanges. | Kevin Townsend | November 7, 2023
Malware & Threats | Malicious NuGet Packages Abuse MSBuild Integrations for Code Execution | Threat actors are constantly publishing malicious NuGet packages to automatically execute code on developers’ machines. | Ionut Arghire | November 1, 2023
Malware & Threats | Advanced ‘StripedFly’ Malware With 1 Million Infections Shows Similarities to NSA-Linked Tools | The StripedFly malware has APT-like capabilities, but remained unnoticed for five years, posing as a cryptocurrency miner. | Ionut Arghire | October 27, 2023
Malware & Threats | Qakbot Hackers Continue to Push Malware After Takedown Attempt | Qakbot cybercriminals continue to push malware, which shows they are still operational after the recent takedown attempt. | Eduard Kovacs | October 5, 2023
Cyberwarfare | UAE-Linked APT Targets Middle East Government With New ‘Deadglyph’ Backdoor | UAE-linked APT group Stealth Falcon has used the new Deadglyph backdoor in an attack targeting a governmental entity in the Middle East. | Ionut Arghire | September 26, 2023
Malware & Threats | Threat Actors Adopt, Modify Open Source ‘SapphireStealer’ Information Stealer | Cisco has observed multiple threat actors adopting the SapphireStealer information stealer after its source code was released on GitHub. | Ionut Arghire | September 1, 2023