Malware

New Ransomware Wave Engulfs over 200 Corporate Victims

8Base Ransomware, AES, cybercrime, darkweb, data breach, Data leak, Double encryption, Leak site, MalasLocker, Malware, MalwareHunterTeam, Ransomware, Rhysida, Threat Intelligence, Zscaler /

New Ransomware Wave Engulfs over 200 Corporate Victims 23/05/2023 at 17:34 By cybleinc CRIL analyzes multiple new Ransomware families that have affected over 200 firms, spearheaded by Rhysida, 8Base, and MalasLocker ransomware. The post New Ransomware Wave Engulfs over 200 Corporate Victims appeared first on Cyble. This article is an excerpt from Cyble View Original […]

React to this headline:

Loading spinner

New Ransomware Wave Engulfs over 200 Corporate Victims Read More »

CapCut Users Under Fire

ByteDance, CapCut, Cryptocurrency, Cryptography, Ethereum, Google Chrome, Malware, Offx stealer, Opera, phishing, PyInstaller, Python, RedLine Stealer, stealers, Threat Actors, TikTok, Windows 8, Zcash /

CapCut Users Under Fire 19/05/2023 at 17:04 By cybleinc CRIL has uncovered a phishing campaign that targets unsuspecting CapCut users, aiming to steal their sensitive information. The post CapCut Users Under Fire appeared first on Cyble. This article is an excerpt from Cyble View Original Source React to this headline:

React to this headline:

Loading spinner

CapCut Users Under Fire Read More »

Millions of Smartphones Distributed Worldwide With Preinstalled ‘Guerrilla’ Malware

Malware, Malware & Threats, Mobile & Wireless, smartphone /

Millions of Smartphones Distributed Worldwide With Preinstalled ‘Guerrilla’ Malware 18/05/2023 at 15:30 By Eduard Kovacs A threat actor tracked as Lemon Group has control over millions of smartphones distributed worldwide thanks to preinstalled Guerrilla malware. The post Millions of Smartphones Distributed Worldwide With Preinstalled ‘Guerrilla’ Malware appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Millions of Smartphones Distributed Worldwide With Preinstalled ‘Guerrilla’ Malware Read More »

AndoryuBot’s DDOS Rampage

All, AndoryuBot, CGSI, CISA, cybercrime, Cyble Global Sensor Network, darkweb, data breach, Data leak, DDoS, Fortinet, HTTP GET, Malware, Ransomware, RCE, Remote Control Execution, Ruckus Wireless, Telegram, Threat Intelligence /

AndoryuBot’s DDOS Rampage 17/05/2023 at 18:49 By cybleinc CRIL analyzes AndoryuBot, a new botnet exploiting a critical vulnerability to carry out large-scale DDOS attacks on Ruckus Wireless products. The post AndoryuBot’s DDOS Rampage appeared first on Cyble. This article is an excerpt from Cyble View Original Source React to this headline:

React to this headline:

Loading spinner

AndoryuBot’s DDOS Rampage Read More »

TP-Link routers implanted with malicious firmware in state-sponsored attacks

backdoor, Check Point, Don't miss, Hot stuff, Malware, News, router, TP-LINK /

TP-Link routers implanted with malicious firmware in state-sponsored attacks 17/05/2023 at 16:44 By Helga Labus A Chinese state-sponsored APT group implanted malicious firmware into TP-Link routers as part of attack campaigns aimed at European foreign affairs entities, say Check Point researchers. Custom malicious firmware for TP-Link routers The malicious firmware was exclusively created for TP-Link

React to this headline:

Loading spinner

TP-Link routers implanted with malicious firmware in state-sponsored attacks Read More »

Ducktail Malware Focuses on Targeting HR and Marketing Professionals

Avalon Organics, Brave Browser, cybercrime, darkweb, Data leak, Dropbox, DuckTail, fake app, Google Chrome, Human Resources, infostealer, L'Oreal, Malware, Marketing, Microsoft Edge, Mozilla Firefox, NIVEA, Olay /

Ducktail Malware Focuses on Targeting HR and Marketing Professionals 17/05/2023 at 15:37 By cybleinc CRIL analyzes DuckTail, a malware infostealer actively targeting HR and Marketing executives to exploit their Social Media Business Accounts. The post Ducktail Malware Focuses on Targeting HR and Marketing Professionals appeared first on Cyble. This article is an excerpt from Cyble

React to this headline:

Loading spinner

Ducktail Malware Focuses on Targeting HR and Marketing Professionals Read More »

Infamous cybercrime marketplace offers pre-order service for stolen credentials

cybercrime, cybercriminals, cybersecurity, Malware, News, SecureWorks /

Infamous cybercrime marketplace offers pre-order service for stolen credentials 17/05/2023 at 09:42 By Help Net Security Infostealer malware, which consist of code that infects devices without the user’s knowledge and steals data, remains widely available to buy through underground forums and marketplaces, with the volume of logs, or collections of stolen data, available for sale

React to this headline:

Loading spinner

Infamous cybercrime marketplace offers pre-order service for stolen credentials Read More »

Cisco Routers Exploited by Russian State-Sponsored Attackers

APT28 Exploits, Cisco, CVE-2017-6742, FBI, India, IOS Routers, IOS XE Software, Jaguar Tooth, Malware, MIBs, Russia, SNMP, TETP, Vulnerabilities /

Cisco Routers Exploited by Russian State-Sponsored Attackers 16/05/2023 at 16:53 By cybleinc Jaguar Tooth Malware deployed via exploitation of SNMP Vulnerability On April 18, 2023, the Cybersecurity and Infrastructure Agency (CISA), the US Federal Bureau of Investigation (FBI) & UK National Cyber Security Centre released the cybersecurity advisory “APT28 Exploits Known Vulnerability to Carry Out

React to this headline:

Loading spinner

Cisco Routers Exploited by Russian State-Sponsored Attackers Read More »

New trends in ransomware attacks shape the future of cybersecurity

Corvus Insurance, cybercrime, cybersecurity, Don't miss, Hot stuff, Malware, Ransomware, trends, Video /

New trends in ransomware attacks shape the future of cybersecurity 16/05/2023 at 09:23 By Help Net Security Corvus Insurance analyzed data from the dark web and ransomware leak sites. Researchers uncovered a 60% increase in ransomware victims in March 2023, marking the highest monthly victim count observed in the past two years. In this Help

React to this headline:

Loading spinner

New trends in ransomware attacks shape the future of cybersecurity Read More »

BlackSuit Ransomware Strikes Windows and Linux Users

BlackSuit, cybercrime, Cylance, darkweb, data breach, Linux, Malware, Ransomware, Royal Ransomware, Threat Intelligence, Unit 42, VMWare, Windows /

BlackSuit Ransomware Strikes Windows and Linux Users 12/05/2023 at 17:02 By cybleinc Cyble Research & Intelligence Labs analyzes a new ransomware named BlackSuit which can target Windows and Linux operating systems. The post BlackSuit Ransomware Strikes Windows and Linux Users appeared first on Cyble. This article is an excerpt from Cyble View Original Source React

React to this headline:

Loading spinner

BlackSuit Ransomware Strikes Windows and Linux Users Read More »

Dissecting Rancoz Ransomware

@siri_urz, Avast, Avira, b95a4443bb8bff80d..., Backups, ChaChapoly, Chrome, Command Line Arguments, Common7, Comodo, cybercrime, darkweb, data breach, Data leak, Dell, Dr.Web, ESET, Install Shield Installation Information, Intel, Kaspersky Lab, Malware, McAfee, Microsoft Help, Microsoft SDKs, Microsoft Shared, Microsoft Visual Studio, Microsoft VS Code, Microsoft.NET, MingGW, MingGW (GCC), MovieMaker, NTRU, NTRU Public Key, NVIDIA Corporation, Onion, Opera, OSINT, Package Cache, Rancoz, Ransomware, RDP, Reference assemblies, Remote Access Trojans, Remote Desktop Protocol, ShadowCopy, ShellExecute, Spytechsoftware, Symantec, Symantec Client Security, System Volume Information, Threat Intelligence, Vice Society, Windows, Windows App Certification Kit, Windows Defender, Windows Mail, Windows Media Player, Windows Multimedia Platform, Windows NT, Windows Phone Silverlight Kits, Windows Photo Viewer, Windows Portable Devices, Windows Security, WindowsApps, WindowsPowerShell, Wsus, Yandex Browser /

Dissecting Rancoz Ransomware 11/05/2023 at 15:46 By cybleinc CRIL analyzes Rancoz, a new ransomware variant that is leveraging Vice Society’s codebase to target a wider victim base. The post Dissecting Rancoz Ransomware appeared first on Cyble. This article is an excerpt from Cyble View Original Source React to this headline:

React to this headline:

Loading spinner

Dissecting Rancoz Ransomware Read More »

Turla’s Snake malware network disrupted by Five Eyes’ agencies

APT, CISA, cyber espionage, cybercrime, Don't miss, FBI, government-backed attacks, Hot stuff, Malware, malware analysis, malware detection, News, NSA /

Turla’s Snake malware network disrupted by Five Eyes’ agencies 10/05/2023 at 14:47 By Help Net Security The US Justice Department announced the completion of court-authorized operation MEDUSA, to disrupt a global peer-to-peer network of computers compromised by sophisticated malware, called “Snake” (aka “Uroburous”), that the US Government attributes to a unit within Center 16 of

React to this headline:

Loading spinner

Turla’s Snake malware network disrupted by Five Eyes’ agencies Read More »

Unraveling Akira Ransomware

Akira, Canada, Construction, cybercrime, data breach, Data leak, Double encryption, healthcare, Leaked data, Malware, Manufacturing, North America, PowerShell, Ransom note, Ransomware, Threat Intelligence, United States /

Unraveling Akira Ransomware 10/05/2023 at 12:33 By cybleinc CRIL analyzes Akira, a Ransomware variant that is rapidly expanding its list of targets, primarily focused on the United States and Canada. The post Unraveling Akira Ransomware appeared first on Cyble. This article is an excerpt from Cyble View Original Source React to this headline:

React to this headline:

Loading spinner

Unraveling Akira Ransomware Read More »

Prevent attackers from using legitimate tools against you

Artificial Intelligence, attacks, Don't miss, Expert analysis, Expert corner, exploit, Hot stuff, Malware, opinion, Ransomware, vulnerability, WithSecure /

Prevent attackers from using legitimate tools against you 10/05/2023 at 07:21 By Help Net Security Malicious actors are increasingly exploiting legitimate tools to accomplish their goals, which include disabling security measures, lateral movement, and transferring files. Using commonly available tools allows attackers to evade detection. While custom-built tools or malware can be flagged as malicious

React to this headline:

Loading spinner

Prevent attackers from using legitimate tools against you Read More »

56,000+ cloud-based apps at risk of malware exfiltration

cybercrime, cybercriminals, dark web, Malware, News, passwords, SpyCloud /

56,000+ cloud-based apps at risk of malware exfiltration 10/05/2023 at 06:30 By Help Net Security The technology sector had the highest number of malware-infected employees, most exposed corporate credentials and the majority of all stolen cookies, according to SpyCloud. Drawing on SpyCloud’s database of 400+ billion recaptured assets from the criminal underground, researchers analyzed 2.27

React to this headline:

Loading spinner

56,000+ cloud-based apps at risk of malware exfiltration Read More »

Sophisticated DarkWatchMan RAT Spreads Through Phishing Sites

cybercrime, DarkWatchMan, Data leak, fake app, Malware, Mircrosoft, Ransomware, Remote Access Trojan, Task Scheduler, Threat Intelligence, Windows, Windows Registry /

Sophisticated DarkWatchMan RAT Spreads Through Phishing Sites 07/05/2023 at 18:24 By cybleinc Cyble Research & Intelligence Labs analyzes DarkWatchman, a Remote Access Trojan that has been spreading via Phishing sites. The post Sophisticated DarkWatchMan RAT Spreads Through Phishing Sites appeared first on Cyble. This article is an excerpt from Cyble View Original Source React to

React to this headline:

Loading spinner

Sophisticated DarkWatchMan RAT Spreads Through Phishing Sites Read More »

New KEKW Malware Variant Identified in PyPI Package Distribution

.whl, 7Star, Amigo, Bitcoin, Brave, Cent Browser, Chrome, Clipper, cryptocurrecy, cybercrime, darkweb, Epic browser, fake app, Firefox, Google Chrome, Grabber, Info stealer, Iridium, KEKW, Kometa, Malware, Microsoft, Microsoft Edge, Minecraft, Orbitum, PyPI, Python, pythonsqlitetool, Roblox, Sputnik, Threat Intelligence, Torch, Video games, Vivaldi, Windows, Yandex /

New KEKW Malware Variant Identified in PyPI Package Distribution 07/05/2023 at 18:24 By cybleinc CRIL analyzes a new KEKW Malware variant with stealer & Clipper functionalities being distributed via PyPI Packages. The post New KEKW Malware Variant Identified in PyPI Package Distribution appeared first on Cyble. This article is an excerpt from Cyble View Original

React to this headline:

Loading spinner

New KEKW Malware Variant Identified in PyPI Package Distribution Read More »

BlackBit Ransomware: A Threat from the Shadows of LokiLocker

.NET, .NET compiler, .NET Reactor, APT, BlackBit, Chrome, cybercrime, darkweb, Data leak, Defense Evasion, Encryption, Excel, Firefox, firewall, Leak site, LokiLocker, Malware, Microsoft, Microsoft Office, Persistence, RaaS, Ransomware, Ransomware-as-a-Service, Steam, Threat Intelligence, Thunderbird, Visio, Windows, Windows Defender, Wordpad /

BlackBit Ransomware: A Threat from the Shadows of LokiLocker 07/05/2023 at 18:24 By cybleinc CRIL conducts a deep dive analysis into BlackBit, a ransomware variant based on the notorious LokiLocker ransomware. The post BlackBit Ransomware: A Threat from the Shadows of LokiLocker appeared first on Cyble. This article is an excerpt from Cyble View Original

React to this headline:

Loading spinner

BlackBit Ransomware: A Threat from the Shadows of LokiLocker Read More »

Citrix Users at Risk: AresLoader Spreading Through Disguised GitLab Repo

AiD Locker Ransomware, AresLoader, Aurora Stealer, C, Citrix, cybercrime, fake app, GitLab, Hacktivism, IceID, Laplas Clipper, Lumma Stealer, LummaC2 Stealer, MaaS, Malware, Malware-as-a-Service, Repository, StealC, SystemBC RAT, Telegram, Threat Intelligence /

Citrix Users at Risk: AresLoader Spreading Through Disguised GitLab Repo 07/05/2023 at 18:24 By cybleinc CRIL analyzes the spread of AresLoader via a disguised GitLab repo, delivering multiple malware variants to victim systems. The post Citrix Users at Risk: AresLoader Spreading Through Disguised GitLab Repo appeared first on Cyble. This article is an excerpt from

React to this headline:

Loading spinner

Citrix Users at Risk: AresLoader Spreading Through Disguised GitLab Repo Read More »

Indian Ideology Targeted by Hacktivists: Reprisal Hacktivism Draws More Attacks

#opsjentikRamadhan, 1915 TEAM, 4 EXPLOITATION Channel, Aadhar, Anonymous Sudan, Anti Dajjal Community, Army of Mahdi, BreachForum, cybercrime, darkweb, DragonForce, DragonForce Malaysia, Eagle Cyber Crew, Ganosec Team, Hacktivism, Hacktivist of Garuda, Islam, ISLAMIC CYBER CORPS, Islamism, Islamophobia, KEP TEAM, Kerala Cyber Xtractors, Khalifah Cyber Crew, Malware, Mr Insane, Mysterious Silent Force, Mysterious Team Bangladesh, Operation Payback, OpIndia, OpIndia 2.0, OpIndia23, OpsPatuk, OSINT, PAKISTAN CYBER HUNTER, Pan Card, Passport, STUCX TEAM, SynixCyberCrimeArmyMY, T.Y.G Team, Team_insane_pk, Team_Insane_pk official, TIGERCYBERTEAM, VulzSecTeam /

Indian Ideology Targeted by Hacktivists: Reprisal Hacktivism Draws More Attacks 07/05/2023 at 18:24 By cybleinc CRIL charts the evolution of recent Hacktivism targeting India, as well as reprisal attacks against the same. The post Indian Ideology Targeted by Hacktivists: Reprisal Hacktivism Draws More Attacks appeared first on Cyble. This article is an excerpt from Cyble

React to this headline:

Loading spinner

Indian Ideology Targeted by Hacktivists: Reprisal Hacktivism Draws More Attacks Read More »

Scroll to Top