Computer Security
Google Reports Blocking Over 2.2 Million Malicious Apps on the Play Store
In late April 2024, Google announced that enhancements to its security processes prevented 2.28 million privacy-violating apps from being published on its Google Play store in 2023. The company attributed this success...
Akira Ransomware Banks $42 Million in Ransom Payments Over a Single Year
Since early 2023, Akira ransomware has targeted more than 250 victims globally and collected over $42 million in ransom payments, according to CISA, the FBI, Europol, and the Netherlands’ National Cyber Security...
SSLoad Malware Spread in Phishing Campaign
Security experts have identified an ongoing attack strategy that utilizes phishing emails to distribute a form of malware known as SSLoad. Dubbed FROZEN#SHADOW by Securonix, this campaign involves deploying Cobalt...
CR4T Malware Used in DuneQuixote Campaign
Government bodies in the Middle East have become the focus of an undisclosed operation aiming to introduce a fresh clandestine entry point known as CR4T. According to cybersecurity researchers, this activity was...
SteganoAmor Attack Operation Uses Images to Spread Malware
The threat group known as TA558 has been observed employing steganography, a technique of concealing data within images and text files, to distribute various types of malware including Agent Tesla, FormBook, Remcos...
RUBYCARP Botnet Attributed to Romanian Threat Actor
A cyber threat group suspected to be of Romanian origin, known as RUBYCARP, has been observed operating a persistent botnet for engaging in various illicit activities including crypto mining, distributed...
Muddling Meerkat APT Discovered Pulling DNS Tricks
A new cyber threat named Muddling Meerkat has been detected engaging in sophisticated activities involving the domain name system (DNS) since October 2019. This appears to be an attempt to evade security measures and...
Microsoft Warns that Russian Meddling in US Elections Likely Already Started
In late April 2024, Microsoft reported that Russian online efforts to influence the upcoming U.S. presidential election have begun within the last 45 days, albeit at a slower pace compared to previous election cycles....
GooseEgg Malware Linked to Russian Fancy Bear APT
APT28, a threat actor linked to Russia, utilized a security vulnerability in the Microsoft Windows Print Spooler component to deploy a new custom malware named GooseEgg. This post-compromise tool, operational since at...
SoumniBot Mobile Malware Targets Android Devices
A newly discovered Android trojan named SoumniBot has been identified in the field targeting users in South Korea by exploiting vulnerabilities in the procedure for extracting and parsing manifests. According to...
Fuxnet ICS Malware Deployed by Ukrainian Security Services Against Russia
Claroty, a cybersecurity company specializing in industrial and enterprise IoT, has analyzed Fuxnet, a type of malware utilized by Ukrainian hackers in an attack on a Russian infrastructure company. This attack,...
XploitSpy Mobile Malware Deployed Against South Asia Victims
A recent Android malware campaign known as eXotic Visit has been predominantly targeting users in South Asia, particularly in India and Pakistan. The malware is being spread through dedicated websites and the Google...
Kaolin RAT Linked to North Korean Lazarus Group APT
The Lazarus Group, associated with North Korea, utilized familiar tactics involving fake job offers to distribute a new remote access trojan (RAT) called Kaolin RAT during attacks aimed at specific individuals in Asia...
Brokewell Mobile Malware Spreads Through Fake Chrome Updates
Counterfeit browser updates are being employed to distribute a new Android malware known as Brokewell, which was previously undocumented. According to an analysis by security researchers published in April 2024,...
Quotation Request Malicious Emails
After going over the email in question, we confirmed that "Quotation Request" is malicious spam, disguising itself as a potential purchase inquiry. The goal is to trick potential victims into opening the malicious...
MadMxShell Backdoor Spreads Through Malicious Ads
A recent malvertising campaign abusing Google Ads involves a series of websites resembling a legitimate IP scanner tool, aiming to distribute a new backdoor named MadMxShell. Researchers from Zscaler ThreatLabz found...
CVE-2024-3400 Vulnerability Hinges on Command Injection Flaw
Cyber attackers have been taking advantage of a recently revealed vulnerability in Palo Alto Networks PAN-OS software since March 26, 2024, almost three weeks before it was publicly disclosed. This activity,...
Another Ransomware Threat Group Attacks Change Healthcare
Change Healthcare, a vital player in the healthcare industry, finds itself once again in the crosshairs of cybercriminals. Just a month after grappling with a ransomware attack that saw them shelling out a hefty sum...