Threat Intelligence


WHO impersonated in phishing campaign to spread the Nerbian RAT

Nerbian RAT, a new remote access trojan recently found by experts, has advanced capabilities such as evading security detection and analysis by security researchers. Written in the Go programming language, the new trojan is a cross-platform 64-bit threat spread through a small-scale phishing campaign using macro-laced documents. The malware was discovered in...

Analysts found three cybercriminal sub-groups working for the TA410 gang

Recent research conducted by cybersecurity analysts revealed that the TA410 threat gang controls an operation containing three sub-groups. Although the groups are under the same umbrella, they have different tactics, techniques, and procedures for striking their victims. The three sub-groups working under TA410 are JollyFrog, FlowingFrog, and LookingFrog. These three groups work separately but...

Lapsus$ continues to ravage its targets to leave a mark on the dark web

A new report revealed how the Lapsus$ operators deploy their attacks, including some information about the TTPs of the highly unpredictable attacks of the group and an analysis of how they select and target victims. In the last five months, the Lapsus$ group became notorious after successfully breaching big-time firms such as Samsung, Nvidia, Okta,...

Black Basta may be connected to the Conti ransomware group

A new ransomware group called Black Basta has infected about a dozen organisations, and some researchers claim that it may have a link to the notorious Conti gang. The appearance of Black Basta was first discovered last month. Researchers also noted that they had already compiled samples regarding the new threat in February. The threat...

The GOLD ULRICK group continues to adapt Conti ransomware’s scheme

A newly discovered threat group called GOLD ULRICK continues to adapt and operate the Conti name-and-shame ransomware scheme and has adjusted well to the massive data leak of Conti ransomware’s source code. Based on recent findings, Conti is still actively circulating in the wild despite experiencing enormous data leaks from security researchers. The efforts of many...

The latest information about Nokoyawa ransomware gets uncovered

Researchers claimed that the Nokoyawa ransomware showed similarities with the Hive group after noticing resemblances in their tactics, techniques, and procedures (TTPs). However, the researchers have taken a step back and reevaluated some things after separate researchers shared new details and discoveries on the Nokoyawa ransomware. Nokoyawa showed signs of being Hive related,...

LILIN DVR devices targeted by a new BotenaGo malware strain

A new BotenaGo malware strain has been discovered by researchers targeting LILIN security camera DVR devices. The researchers called the newly discovered malware variant “LILIN Scanner” since that is the name the threat actors use in the source code during the latest attacks. Based on reports, the new variant is coded in the Go language (Golang)...

The REvil gang returns with a new TOR network for new attack campaigns

A new leak site allegedly owned by the REvil ransomware gang has emerged on the threat landscape after being inactive for a few months. According to reports, the gang’s new TOR network redirects its visitors to a new ransomware operation that seems to have already begun in December 2021. Furthermore, the new leak site exposes...

The Lazarus APT targeted South Korea’s chemical sector

The North Korean-sponsored advanced persistent threat (APT) group called Lazarus targets organisations that operate in South Korea’s chemical sector. This current espionage campaign appears to be a sequel to Operation Dream Job, conducted by the same APT group and discovered by researchers in August last year. At the beginning of the year, a research team...

HOMAGE exploit discovered targeting iOS users from Catalan

Catalan-based journalists, politicians, and activists are the newest targets of a zero-click exploit on iPhone’s iMessage app utilised to install spyware from the NSO Group. As dubbed by experts, HOMAGE is a zero-click vulnerability that impacts iOS version 13.2. The HOMAGE exploit is abused by threat operators to target people with the Pegasus spyware, alongside...