Hermit, an Android spyware allegedly made in Italy, has been observed by researchers in Kazakhstan, where the government used it to monitor its citizens’ activities. Experts assumed that the spyware was developed by two Italian firms, Tykelab Srl and RCS Lab S.p.A. Moreover, a researcher said that an entity owned by the national government...
Phishing actors were seen selling a new, sophisticated toolkit called NakedPages on underground marketplaces; it is allegedly effective against large-scale companies. Aside from being found on dark web forums, the NakedPages toolkit is also promoted by its operators on some malicious Telegram channels. Originally designed for the Linux OS, the new phishing toolkit requests reading, writing,...
The Russian threat group Sandworm may be taking advantage of the recently disclosed Follina vulnerability to target Ukraine. Follina is a remote code execution vulnerability in the Microsoft Windows Support Diagnostic Tool, which researchers currently track as CVE-2022-30190. The security flaw can be triggered by opening or selecting a maliciously modified document. Therefore, different threat groups have...
Researchers disclosed that a Chinese-speaking threat group called Aoqin Dragon had been actively operating a cyber espionage campaign for ten years. The decade-old espionage campaign has targeted the academic sector, governmental entities, and telecommunication firms in Australia and Southeast Asia. In a recently published report, Aoqin Dragon appears to have been seeking initial...
A newly discovered pro-Russian cybercriminal group called Cyber Spetsnaz has been exploiting the current geopolitical conflict between Russia and Ukraine to organise cyber-espionage campaigns. The recently uncovered group is an elite cyber offensive armada that exclusively targets the infrastructure of the North Atlantic Treaty Organisation (NATO). This month, the cyberespionage group developed a new division...
The Qbot hacking group and the Black Basta ransomware have joined forces to gain initial access to numerous targets such as corporate environments. Qbot is notorious for stealing banking credentials and Windows domain credentials, and for launching additional payloads. Researchers have reported the ongoing partnership between the two groups after the traces of them were found present...
The most recent activity of the notorious hacktivist gang, Anonymous, involves their strike against Russia, leaking about 1TB of data from a Russian law firm called Rustam Kurmaev and Partners or RKP Law. The well-known law firm, RKP Law, has worked with the Russian government and other big-time Russian corporations from different sectors, such as...
A hacking group from Lebanon, tracked as Polonium, has been blocked by Microsoft from using the OneDrive cloud storage platform after the tech giant found that the threat group had been using it for stealing data and for its C2 servers while attacking companies from Israel. Over 20 malicious OneDrive apps used by the threat group...
An Anonymous-affiliated hacking group claimed that it had completed an attack against Belarusian government websites. The group commenced the attack after the Belarusian government announced its support for Russia’s invasion of Ukraine. The hacktivist group announced on Twitter that various websites linked to the Belarusian state had been shut down because of them. They shared...
A new version of the XLoader botnet has been found using probability theory to obfuscate its command-and-control (C2) servers, making it more resistant to disruption by security analysts. The method used by the botnet’s operators allows them to remain on the same infrastructure without losing nodes while also evading detection. Being initially based on...