Threat Intelligence

RansomHouse group establishes new data leak site for breach victims

A new darknet leak site run by a group dubbed RansomHouse has recently emerged on the cybercrime scene. The site’s operators use it to leak large volumes of data stolen from breach victims who failed to pay the threat actors’ monetary demands. Moreover, the new campaign is said not to operate through ransomware but through breach...

A new China-based Twisted Panda campaign fired against Russian firms

Cyberattacks against two Russian research institutes and a Belarusian firm have recently been attributed to the Chinese state-backed APT campaign dubbed Twisted Panda. Analysts state that the new attack operations took advantage of the ongoing conflict between Russia and Ukraine. Furthermore, studies about the campaign revealed that its...

A botnet dubbed Fronton can manipulate widescale social media events

The Russian FSB has allegedly procured a sophisticated botnet that can launch harmful DDoS attacks and manipulate trending social media topics across all platforms. These findings are from a report following security experts’ analysis of documents stolen from a Russian government contractor previously victimised by the ‘Digital Revolution’ hacktivist group in March 2020. From the...

Conti ransomware has shut down to introduce their upcoming rebirth

The cybercrime landscape was surprised by the breaking news that the Conti ransomware group, one of the most notorious gangs, has decided to shut down operations. The group’s internal infrastructure has been taken offline, according to researchers. Many of the threat group’s internal services, such as Tor admin panels and rocket chat servers, are also...

The FBI warns about malicious North Korean state-backed developers

North Korean state-backed application and software developers have been observed posing as US-based remote employees to obtain IT jobs at technology and crypto companies in the US and Europe. Several US federal government agencies have shared this report, including the FBI, Department of State, and Department of Treasury. The agencies have highlighted how North Korean state actors...

Wizard Spider follows the corporate model in their attack operations

Security researchers have investigated the Russia-based Wizard Spider gang and discovered some of the threat group’s internal attack infrastructure. Based on the investigations, the Wizard Spider threat group is allegedly linked with two other hacking groups, Grip Spider and Lunar Spider. The gang operates their system under a complex set of sub-groups and implements a...

Naikon gang returns for another wave of cyber espionage campaigns

A China-sponsored threat group called Naikon has reemerged with new phishing mechanics that target organisations, especially government sectors, to steal confidential data. The group, also known by the names Lotus Panda/Override Panda, was tracked by researchers in 2020. Another research group then detected its infrastructure in 2015. However, the group is back from the dead,...

WHO impersonated in phishing campaign to spread the Nerbian RAT

Nerbian RAT, a new remote access trojan, has recently been found by experts to possess advanced capabilities such as bypassing security detection and analysis by security researchers. Written in the Go programming language, the new trojan is a cross-platform 64-bit threat spread through a small-scale phishing campaign using macro-laced documents. The malware was discovered in...

Analysts found three cybercriminal sub-groups working for the TA410 gang

Recent research conducted by cybersecurity analysts revealed that the TA410 threat gang controls an operation containing three sub-groups. Although the groups are under the same umbrella, they have different tactics, techniques, and procedures for striking their victims. The three sub-groups working under TA410 are JollyFrog, FlowingFrog, and LookingFrog. These three groups work separately but...

Lapsus$ continues to ravage its targets to leave a mark on the dark web

A new report revealed how the Lapsus$ operators deploy their attacks, including some information about the TTPs of the highly unpredictable attacks of the group and an analysis of how they select and target victims. In the last five months, the Lapsus$ group became notorious after successfully breaching big-time firms such as Samsung, Nvidia, Okta,...