A hacking group dubbed UNC3524 is found using thorough strategies in attacking corporate networks to intrude and steal data. According to experts, the threat group remained hidden from its victims for over 18 months while collecting information associated with mergers, acquisitions, and financial transactions. UNC3524 was first detected in December 2019. They utilised a wide...Continue Reading
A new report revealed how the Lapsus$ operators deploy their attacks, including some information about the TTPs of the highly unpredictable attacks of the group and an analysis of how they select and target victims. In the last five months, the Lapsus$ group became notorious after successfully breaching big-time firms such as Samsung, Nvidia, Okta,...Continue Reading
A new ransomware group called Black Basta has infected about a dozen organisations, and some researchers claim that it may have a link to the notorious Conti gang. The appearance of Black Basta was first discovered last month. Researchers also noted that they had already compiled samples regarding the new threat in February. The threat...Continue Reading
New data revealed that threat actors are reutilising the RedLine malware in their cyberattacks against networks from over 150 countries in April this year. In January, researchers first identified a campaign that exploits the CVE-2021-26411 security flaw of the web browser Internet Explorer to spread the malware. RedLine stealer is a password-stealing malware available on...Continue Reading
A new leak site allegedly owned by the REvil ransomware gang has emerged on the threat landscape after being inactive for a few months. According to reports, the gang’s new TOR network redirects its visitors to a new ransomware operation that seems to have already begun in December 2021. Furthermore, the new leak site exposes...Continue Reading
A cybercriminal group developed and endorsed a new marketplace for stolen data called Industrial Spy. Reports said that the recent market offers stolen information and credentials from hacked companies to buyers and offers the goods to its members without a fee. The threat actors developed the new marketplace so businesses could buy their competitor’s data...Continue Reading
The META malware spam campaign spreads an infostealer that is becoming a trend among threat groups on the dark web. The currently prevalent infostealer malware is trying to replace the operation left by the Raccoon Stealer, who had recently shut down. Based on reports, the malware was first seen last March by researchers and indicated...Continue Reading
The notorious dark web hacker forum and underground marketplace, RaidForums, had recently been shut down by the US authorities during Operation TOURNIQUET, alongside Europol and other law enforcement agencies worldwide. Three of the dark web forum’s administrators were arrested, while the authorities also seized their main website, which now shows a ‘domain seizure’ message from...Continue Reading
The Russian-based dark web Hydra marketplace has been shut down by German law enforcement, seizing over $25 million worth of Bitcoin from its operators. Three German authorities have worked together to conduct the operation, including Bundeskriminalamt (BKA), the Frankfurt Public Prosecutor’s Office, and Germany’s Federal Criminal Police Office. In a joint statement, the German authorities...Continue Reading
A new infostealer dubbed BlackGuard is found available for sale on a Russian dark web forum amounting to $200 per monthly subscription, which researchers describe as a sophisticated malware strain. These infostealers are intended for data harvesting, such as system information, screenshots, sensitive credentials, contact lists, network traffic, banking, financial data, etc. An array of...Continue Reading
