Computer Security
DarkGate Malware Rented Out to Aspiring Hackers
A fresh malspam operation has been identified deploying a readily available malicious software known as DarkGate. Telekom Security, in a recent report, stated that the increased activity of DarkGate malware can be... Read more
QuiteRAT Linked to North Korean APT Lazarus
An infamous hacking group affiliated with the North Korean government is employing a fresh variant of malicious software to target healthcare organizations and critical internet infrastructure in Europe and the US.... Read more
Monti Gang Launches Updated Ransomware Targeting Linux
The Monti ransomware threat group has reappeared following a hiatus of two months, introducing a new version of their encryptor designed for Linux systems. The group has shifted their focus towards government and... Read more
Statc Stealer Targets Windows Systems
A recently discovered strain of malicious software called Statc Stealer has been identified as infecting computers operating on the Microsoft Windows system. This malware specializes in extracting sensitive personal... Read more
OpenCarrot Backdoor Deployed by North Korean Threat Actors
Two distinct nation-state groups originating from North Korea have been associated with a cyber intrusion targeting NPO Mashinostroyeniya, a significant Russian company specializing in missile engineering. According... Read more
SafeChat Mobile Malware Targets Mobile IM Services
Hackers have been identified using a deceptive Android messaging app, referred to as SafeChat, to conduct espionage on unsuspecting targets. The malicious app, believed to be associated with the Indian APT hacking... Read more
BGAUpsell - What Is It?
BGAUpsell is the name of an executable file that caused some concern among users. What exactly is BGAUpsell and what does it do? While some users were worried that BGAUpsell is some sort of malicious application, in... Read more
Whirlpool Malware Follows in Barracuda's Footsteps
The US cybersecurity and infrastructure security agency (CISA) has identified sophisticated and prolonged Advanced Persistent Threat (APT) attacks aimed at exploiting a previous zero-day vulnerability in Barracuda... Read more
QwixxRAT Malware Spread Through Messaging Platforms
A recently introduced remote access trojan (RAT) named QwixxRAT is being promoted for purchase by its threat actor through both Telegram and Discord platforms. Once implanted on Windows computers owned by victims, the... Read more
Threat Actors Relying on EvilProxy Phishing Toolkit to Target Organizations
Criminal actors are utilizing a phishing-as-a-service (PhaaS) toolkit known as EvilProxy more and more often to orchestrate account takeover attacks specifically targeting top executives within prominent companies.... Read more
Reptile Rootkit Uses Port Knocking
Cyber threat actors have turned their attention to Linux systems in South Korea, deploying an open-source rootkit named Reptile. What sets Reptile apart from conventional rootkit malware is its advanced functionality.... Read more
WikiLoader Malware Deployed by TA544 Threat Actor
Researchers have reported that a malware downloader is imitating various Italian organizations, such as the tax agency, in order to deliver a banking Trojan to target Italian companies. The downloader, dubbed... Read more
LockBit 3.0 Ransomware Builder Spawns Many New Variants
The release of the LockBit 3.0 ransomware builder last year resulted in threat actors misusing the tool to generate new variations. Researchers from a cybersecurity company noticed a ransomware attack involving a... Read more
DroxiDat Malware Deployed in Suspected Ransomware Attack
A cyber attack on a power generation company in southern Africa has been attributed to an unidentified threat actor. This attack involved the utilization of a new version of the SystemBC malware named DroxiDat, which... Read more
JanelaRAT Targets Windows Users in Latin America
A financial malware known as JanelaRAT is on the prowl, targeting users across Latin America. This malicious software has a knack for extracting sensitive data from Microsoft Windows systems that have fallen victim to... Read more
Clop Ransomware Gang Uses Torrents to Leak Stolen Data
The Clop ransomware syndicate has initiated a novel approach by making pilfered data from MOVEit attacks accessible through torrents, as recent reports indicate. Security analyst Dominic Alvieri disclosed this... Read more
P2Pinfect Malware Targets Both Windows and Linux Redis Servers
A novel and highly sophisticated malware campaign dubbed "P2Pinfect" has recently emerged, targeting publicly-accessible deployments of the Redis data store. Cado Security Labs revealed that the malware is coded in... Read more
CherryBlos Mobile Malware Hides in Fake Google Play Apps
A warning has been issued by researchers regarding two malware campaigns named CherryBlos and FakeTrade, aimed at targeting Android users for cryptocurrency theft and other financially motivated scams. The... Read more
