Blog

Ring Home Security Ransomware Cyberattack ALPHV Threat Group

Ring home security shuts down allegations of a ransomware attack

The home security product developer Ring denied accusations that it was recently the subject of a ransomware attack. According to the company, there has been no indication that its systems fell victim to such an attack after a cybercriminal group threatened to publish allegedly stolen data. The home security company responded to the attackers’...
Hackers ScrubCrypt Crypter Exploit WebLogic Flaw Vulnerability Vendor Risk

Hackers used ScrubCrypt crypter to exploit the WebLogic flaw

The 8220 threat group has re-emerged and is targeting Oracle WebLogic server vulnerabilities using the ScrubCrypt crypter. Based on reports, the group adopted the newly discovered crypter because it lets them bypass security systems and evade debugging tools. The 8220 gang has been very active since the start of 2023....
Prometei Botnet Malware Compromised Systems Infection Cyberattack

The Prometei botnet compromises thousands of systems

Since November last year, the Prometei botnet developers have been distributing its latest version, which has infected over 10,000 systems globally. Based on reports, the current campaign has no specific target region, but most of its victims are in Indonesia, Turkey, and Brazil. Researchers first spotted Prometei nearly a decade ago, a modular botnet containing numerous...
Exotic Lily IAB Malicious Cyberattack Campaigns Phishing

Exotic Lily IAB threatens targets with a new malicious campaign

The Initial Access Broker (IAB) Exotic Lily has been active since its first appearance in the cybercriminal landscape. The group has gained popularity in the cybercriminal community because it is affiliated with well-known ransomware gangs such as Conti and Diavol. Researchers recently discovered that the group currently has an ongoing phishing campaign. Based on reports, the phishing...
Akuvox Smart Intercom Critical Flaws Vulnerability Exploit Spying

Akuvox smart intercom contains critical flaws for spying

The Akuvox smart intercom has several new critical vulnerabilities that an attacker could exploit for malicious purposes. Researchers said the affected vendor has yet to release a patch for the issue. Three cybersecurity entities working together allegedly documented the characteristics of the flaw. Moreover, these researchers claimed that they have...
Cerebral Healthcare Patients Data Breach Medical Vendor Risk

Millions of Cerebral healthcare patients get impacted by a breach

About 3.8 million people were notified of a data breach that recently affected the healthcare platform ‘Cerebral’ after the company detected that patients’ information had been exposed to third parties without appropriate consent. According to Cerebral’s published notice on its website, the logging features of invisible pixel trackers they use on several third parties on...
Hackers Vector Spread Infostealers Malicious YouTube Videos

Hackers spread infostealers via malicious YouTube videos

Malicious actors have been spreading information-stealer malware via AI-generated YouTube videos, a tactic that has become increasingly common in the cybercrime landscape. The propagated stealer strains include Raccoon, RedLine, and Vidar. According to a security researcher, the operation involves YouTube videos posing as tutorials for people looking to download pirated versions of applications and...
TA499 Threat Actors North America Europe Cyberattack Campaign Impersonation Fraud Prevention

TA499 targets North America and Europe in a new campaign

The Russian-backed advanced persistent threat group TA499 aggressively targets high-profile government entities and CEOs of prominent companies in North America and Europe. Researchers believe the new campaign is run by two members, Vladimir Kuznetsov and Alexei Stolyarov. These actors are notorious for using fake video calls to deceive their targets. The group has been active since a couple...
Colour-Blind RAT Spreads Compromised PyPI Packages Python

Colour-Blind RAT spreads through compromised PyPI packages

A malicious PyPI package has been spreading a fully featured information stealer and remote access trojan called Colour-Blind RAT. PyPI repositories have become a frequent and easy target for numerous attackers because anyone can publish packages without going through reviews, code testing, or user validation. Based on reports, the RAT resides in a...
BlackLotus UEFI Bootkit Security Breach Windows 11 Brand Abuse Vulnerability

BlackLotus UEFI Bootkit, the first entity to breach Windows 11

A research group claimed that the latest strain of the BlackLotus malware had compromised fully patched Windows 11 systems with UEFI Secure Boot enabled. Based on reports, this malware is the first publicly disclosed UEFI bootkit that bypasses fully updated Secure Boot. Researchers first identified the BlackLotus malware in October of last year. Moreover, it is the...
Exfiltrator-22 Post Exploitation Cybercriminal Tool Malware

Exfiltrator-22, a new powerful post-exploitation cybercriminal tool

Alleged former members of the LockBit ransomware group have developed a new post-exploitation tool dubbed Exfiltrator-22. The threat actors crafted Exfiltrator-22, or EX-22, by borrowing ideas from the leaked source code of other post-exploitation tools. Researchers stated that the new post-exploitation kit operates as a framework-as-a-service model and distributes ransomware in corporate networks while...
LockBit Ransomware Group Technique Bypass MOTW Security

LockBit group has a new technique to bypass the MOTW security

Thanks to a new tactic, the LockBit group has been experiencing massive success in its data exfiltration attacks against large organisations. Researchers explained that the group’s momentum allowed it to add more victims to its data leak site. Experts claimed that one of the main reasons for this threat group’s successful campaigns is a new tactic...
Phishing Campaign Masquerade Trezor Wallet Brand Abuse Cryptocurrency

Phishing campaign masquerades as Trezor wallet to deceive targets

A new phishing campaign impersonates Trezor and distributes fake data breach notifications to fool targets and steal cryptocurrency assets. Trezor is a hardware crypto wallet that users can use to store their cryptocurrency funds offline in cloud-based wallets or apps. This hardware crypto wallet can add protection from malware and infected devices since it is not meant...
DoppelPaymer Gang Members Raid Policy Enforcement Hackers Malware Operators Arrested

DoppelPaymer core members faced a raid from authorities

A joint operation of German and Ukrainian law enforcement authorities resulted in a raid on suspected DoppelPaymer ransomware core members. The raid was launched on February 28 with support from the US FBI and the Dutch National Police. Reports reveal that the raid on the DoppelPaymer core members involved busting a German national’s...
Hackers Compromised Credentials FTP Website Hijacking

Hackers abused compromised FTP credentials to hijack websites

A new widespread redirection campaign targets thousands of users in East Asia using legitimate FTP credentials. Numerous incidents showed that the attackers acquired highly secure, auto-generated FTP credentials and used them to infect victim websites so that their visitors are redirected to another explicit-packed webpage. Researchers claimed that the campaign compromised at least 10,000 websites owned by...
Hackers GootLoader Malware Fake Updates Law Firms Google Ads

Hackers used GootLoader and FakeUpdates to target law firms

Threat actors targeted about six law firms between January and February 2023 as part of cybercriminal operations using the GootLoader and FakeUpdates malware. The GootLoader malware strain has been active since 2020. It is a first-stage downloader that can deliver various secondary payloads such as ransomware and Cobalt Strike. In addition, it...
Chinese Hackers MQsTTang Backdoor Malware Security Bypass

Chinese hackers used the MQsTTang backdoor to bypass security

One of China’s most notorious threat groups, Mustang Panda, has deployed the new MQsTTang backdoor in its recent attacks this year. Based on reports, the new backdoor from the Chinese-speaking threat group is not based on the group’s previous malware strains, such as PlugX. This detail indicates that these threat actors have constantly been...
SCARLETEEL Cyberattack Operation Sophisticated Tactics Steal Data

SCARLETEEL operation uses sophisticated tactics to steal data

A newly discovered hacking campaign called SCARLETEEL targets public-facing web applications running in containers in order to breach cloud services and steal data. Based on reports, researchers stumbled upon the new operation while responding to a cybersecurity incident in a compromised cloud environment. The campaign operators displayed advanced expertise in AWS cloud mechanics while deploying cryptominers...
NLBrute Malware Developer Russian Hacker Extradition US Policy Enforcement Cybercrime Dark Web Marketplace

NLBrute malware developer from Russia extradited to the US

The alleged Russian NLBrute malware developer was extradited to the United States after his apprehension in the Republic of Georgia last year. The accused individual allegedly created and sold the password-cracking tool. The arrested individual is named Dariy Pankov, who now faces computer and device fraud charges that could carry nearly 50 years of...
Cybersecurity Banking Banks FiXS ATM Malware Automated Teller Machines

Experts alert banks about the new FiXS ATM malware

Security researchers uncovered a new malware strain called ‘FiXS,’ a Windows-based ATM malware that began targeting banks in Mexico in February. Reports reveal that this malware can infect any automated teller machine that supports CEN/XFS (eXtensions for Financial Services). While researchers initially found that the malware required interaction through an external keyboard, they also found that...