New Buhti ransomware uses leaked payloads and public exploits
A newly identified ransomware operation has refashioned leaked LockBit and Babuk payloads into Buhti ransomware, to launch attacks on both Windows and Linux systems. Use of …
Legion AWS credential harvester and hijacker analyzed
Researchers from Cado Labs recently encountered an update to the emerging cloud-focused malware family, Legion. This sample iterates upon the credential harvesting features of …
Legitimate Android app transforms into data-snooping malware
ESET researchers have discovered a trojanized Android app named iRecorder – Screen Recorder. It was available on Google Play as a legitimate app in September 2021, with …
TP-Link routers implanted with malicious firmware in state-sponsored attacks
A Chinese state-sponsored APT group implanted malicious firmware into TP-Link routers as part of attack campaigns aimed at European foreign affairs entities, say Check Point …
Infamous cybercrime marketplace offers pre-order service for stolen credentials
Infostealer malware, which consist of code that infects devices without the user’s knowledge and steals data, remains widely available to buy through underground forums and …
New trends in ransomware attacks shape the future of cybersecurity
Corvus Insurance analyzed data from the dark web and ransomware leak sites. Researchers uncovered a 60% increase in ransomware victims in March 2023, marking the highest …
Turla’s Snake malware network disrupted by Five Eyes’ authorities
The US Justice Department announced the completion of court-authorized operation MEDUSA, to disrupt a global peer-to-peer network of computers compromised by sophisticated …
Prevent attackers from using legitimate tools against you
Malicious actors are increasingly exploiting legitimate tools to accomplish their goals, which include disabling security measures, lateral movement, and transferring files. …
56,000+ cloud-based apps at risk of malware exfiltration
The technology sector had the highest number of malware-infected employees, most exposed corporate credentials and the majority of all stolen cookies, according to SpyCloud. …
ChatGPT and other AI-themed lures used to deliver malicious software
“Since the beginning of 2023 until the end of April, out of 13,296 new domains created related to ChatGPT or OpenAI, 1 out of every 25 new domains were either malicious …
Malicious content lurks all over the web
Attackers are finding new ways to evade detection and blend in with normal network traffic using HTTP and HTTPS to deliver malware, according to Netskope. On average, five out …
Infostealer with hVNC capability pushed via Google Ads
There has been a noted increase in malvertising via Google Ads this year, aimed at tricking users into downloading malware; among these malicious payloads is LOBSHOT, an …