Brand Abuse

LOLBins channel fascinated hackers to employ it for malware propagation

Threat actors have found a new favorite channel, LOLBins, to hide malicious activities from security providers and solutions. Living Off the Land Binaries, or LOLBins, are dangerous and difficult to detect because they are tools that security solutions trust. Because they are trusted, they tend to bypass AV solutions and security...

Threat actors utilise SEO poisoning campaigns to distribute malware

An SEO poisoning attack has been seen distributing the Atera Agent and Batloader malware, targeting professionals seeking productivity tools such as TeamViewer, Visual Studio, and Zoom. Experts stated that the threat actors use SEO strategies to poison Google search results, ranking fake sites for the most searched keywords. In this...

Over 3,000 QNAP devices affected by the DeadBolt ransomware

Researchers discovered a new ransomware operation called DeadBolt, which has already impacted many QNAP NAS devices by encrypting their data. According to the latest reports, the ransomware has already targeted and affected approximately 3,600 QNAP devices worldwide. The DeadBolt threat actors exploit a zero-day flaw to infect and compromise QNAP devices and encrypt files using their ransomware....

UpdateAgent has grown into a more hostile malware for macOS users

UpdateAgent, a macOS malware, was discovered propagating for a year. Researchers said that the malware started infecting macOS users a few years ago as a standard infostealer malware and nothing more. Unfortunately, the malware has been busy upgrading itself since its operators are non-stop developing its features. According to researchers, UpdateAgent has new functionalities never...

The TrickBot group added layered security to effectively hide itself

The TrickBot group has added new features to its obfuscation mechanics to counteract identification by security groups. According to analysts, its operators have applied multiple added layers of obfuscation and protection to the injections used in many online banking frauds. Researchers analysed the most up-to-date anti-analysis features and injections of TrickBot to...

Konni RAT becomes a more dangerous threat as analysed by experts

Security experts revealed that the North Korea-based threat group Konni RAT has upgraded its techniques and expanded its attack surface to target several political institutions in neighbouring countries like South Korea and Russia. The researchers managed to identify the new tricks of Konni after analysing the newly developed Konni RAT samples. Based on the analysis,...

Cybersecurity firms continue to warn users against Log4Shell attacks

Several cybersecurity firms continue to raise red flags regarding threat actors who use the critical Log4j flaw, Log4Shell, in their malicious activities. The researchers say they have observed several attacks actively exploiting the vulnerability. In the past couple of months, various security firms released advisories regarding threat actors...

Web archive file exploited by OceanLotus to spread malware

A state-backed cybercriminal group called OceanLotus, also known as APT32, exploits the web archive file format to avoid detection by security solutions while distributing malware to intrude into target devices. A recent report by a cybersecurity researcher claims that the state-sponsored hackers are actively utilising the web archive files [.]MHTML and [.]MHT for their campaign....

TellYouThePass ransomware reemerges alongside its new ability

TellYouThePass ransomware has reemerged in the cybercriminal scene with the use of the Go language (Golang) added to its arsenal. According to researchers, Golang can help ransomware groups target many operating systems, including Windows. A recent report also revealed a code-level change in the ransomware, making it effortless to compile for platforms...

Trojanised dnSpy application leveraged for a malware campaign

Recent investigations revealed that a malware campaign performed by unknown threat actors had distributed a trojanized version of the [.]NET app dnSpy. Threat actors have yet again proven that nobody is safe from cyberattacks, operating a malware campaign that targets researchers, analysts, and developers. dnSpy is a prominent debugger and [.]NET...