The FBI, alongside CISA and other security agencies, recently published a joint threat advisory on the illegal activities of the Karakurt cybercriminal group. According to the advisory, the group has been attempting to extort millions of dollars from its victims in North America and Europe. Moreover, the agencies’ joint statement suggests that victims...
Microsoft has recently revealed four high-severity vulnerabilities in pre-installed Android apps that have millions of user downloads and are found on most smartphones. The now-patched critical flaws could have enabled threat actors to launch cyberattacks through several vectors to steal users’ data. In its post, the tech giant shared that most of the...
Researchers discovered a new attack campaign attributed to the Chinese-sponsored advanced persistent threat group known as Winnti. Based on reports, the recently discovered campaign remained undetected for several years. The researchers called the campaign ‘Operation CuckooBees’, which leveraged previously undocumented malware and stole confidential trade data from several organisations worldwide. An incident response team...
Cybersecurity researchers have published a new advisory regarding the notorious BlackByte ransomware group. The advisory includes information on and an assessment of the newly discovered BlackByte samples from the group’s recent attacks. Based on reports, the analysts responsible for examining the group’s behaviour discovered several variants of BlackByte ransomware circulating in the wild. The variants are coded...
An advanced persistent threat (APT) group known as Cicada or APT10 has widened its targeting: having first attacked only Japanese enterprises, it now targets a wide range of new countries in order to conduct more widespread espionage attacks. The Chinese-speaking Cicada APT group is also known by other names, such as Stone...
Mars Stealer, one of the newest info stealers in 2022, is now in the spotlight after cybersecurity researchers noticed its recent large-scale attack campaigns. Formerly known as Oski malware, which shut down in 2020, Mars Stealer presents improved and extensive information-stealing features that target a wide range of software...
Cybercriminals are trying to maximize their monetary profits, especially through mobile malware, as their attack surface expands. Each year, the rising rate of mobile malware has made cybercriminals more eager to abuse the opportunity. The malicious code used for mobile attacks offers powerful features adopted by threat actors worldwide. Based on the latest statistic...
A malicious threat group called UNC2596 has leveraged the Microsoft Exchange flaw to distribute the Cuba ransomware. Researchers explained that the group uses the ransomware to target several corporate networks and encrypt their devices. UNC2596 has been running the same campaigns since the start of August last year. The group has eyed multiple organisations, utility providers,...
Researchers have spotted the Medusa threat group partnering with another threat group called Flubot. Researchers said that the two cybercriminal entities are deployed simultaneously in recent campaigns and share a common infrastructure. Researchers found Medusa being propagated through the smishing infrastructure utilised by the Flubot trojan. Both threat groups have...
A new threat strain called Sugar ransomware has been found being traded as ransomware-as-a-service (RaaS) on the dark web. The ransomware landscape is, as of now, an ever-growing community, always ready to be deployed by threat actors to inflict damage on entities worldwide. The new malware strain dubbed Sugar is now being...