trojan

How Lazarus Group used fake job ads to spy on Europe’s drone and defense sector

cybercrime, cybersecurity, Don't miss, ESET, Malware, News, North Korea, Remote Access Trojan, scams, threats, trojan /

How Lazarus Group used fake job ads to spy on Europe’s drone and defense sector 2025-10-23 at 09:23 By Sinisa Markovic ESET researchers have uncovered a fresh wave of Operation DreamJob, a long-running campaign linked to North Korea’s Lazarus Group. This latest activity targeted several European defense contractors, including firms deeply involved in drone and […]

React to this headline:

Loading spinner

How Lazarus Group used fake job ads to spy on Europe’s drone and defense sector Read More »

AsyncRAT evolves as ESET tracks its most popular malware forks

cybercrime, cybersecurity, Don't miss, ESET, Keylogger, Malware, News, Remote Access Trojan, research, trojan /

AsyncRAT evolves as ESET tracks its most popular malware forks 2025-07-15 at 12:50 By Sinisa Markovic AsyncRAT is an open-source remote access trojan that first appeared on GitHub in 2019. It includes a range of typical RAT capabilities, such as keylogging, screen capture, credential theft, and more. Its simplicity and open-source design have made it

React to this headline:

Loading spinner

AsyncRAT evolves as ESET tracks its most popular malware forks Read More »

Trojanized SonicWall NetExtender app exfiltrates VPN credentials

data theft, Don't miss, Hot stuff, Microsoft, News, SonicWall, trojan, VPN /

Trojanized SonicWall NetExtender app exfiltrates VPN credentials 2025-06-24 at 15:00 By Zeljka Zorz Unknown attackers have trojanized SonicWall’s SSL-VPN NetExtender application, the company has warned on Monday, and have been tricking users into downloading it from a lookalike site(s?). The trojanized SonicWall NetExtender installer SonicWall NetExtender is an SSL‑VPN client used by companies to give remote

React to this headline:

Loading spinner

Trojanized SonicWall NetExtender app exfiltrates VPN credentials Read More »

Fresh Grandoreiro Banking Trojan Campaigns Target Latin America, Europe

Banking Trojan, Grandoreiro, Malware, Malware & Threats, trojan /

Fresh Grandoreiro Banking Trojan Campaigns Target Latin America, Europe 2025-03-28 at 12:33 By Ionut Arghire The Grandoreiro banking trojan has reemerged in new campaigns targeting users in Latin America and Europe. The post Fresh Grandoreiro Banking Trojan Campaigns Target Latin America, Europe appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

Fresh Grandoreiro Banking Trojan Campaigns Target Latin America, Europe Read More »

FBI: Free file converter sites and tools deliver malware

adware, Don't miss, FBI, Hot stuff, Malware, Malwarebytes, News, trojan /

FBI: Free file converter sites and tools deliver malware 2025-03-18 at 13:35 By Zeljka Zorz Malware peddlers are increasingly targeting users who are searching for free file converter services (websites) and tools, the FBI’s Denver Field Office has warned earlier this month. “To conduct this scheme, cyber criminals across the globe are using any type

React to this headline:

Loading spinner

FBI: Free file converter sites and tools deliver malware Read More »

Head Mare Group Intensifies Attacks on Russia with PhantomCore Backdoor

Hacktivism, Malware, trojan /

Head Mare Group Intensifies Attacks on Russia with PhantomCore Backdoor 2024-12-10 at 16:00 By rohansinhacyblecom Key takeaways Overview On 2nd September 2024, Kaspersky released a blog about the Head Mare group, which first emerged in 2023. Head Mare is a hacktivist group targeting organizations in Russia and Belarus with the goal of causing maximum damage

React to this headline:

Loading spinner

Head Mare Group Intensifies Attacks on Russia with PhantomCore Backdoor Read More »

Head Mare Group Intensifies Attacks on Russia with PhantomCore RAT

Malware, trojan /

Head Mare Group Intensifies Attacks on Russia with PhantomCore RAT 2024-12-10 at 15:03 By rohansinhacyblecom Key takeaways Overview On 2nd September 2024, Kaspersky released a blog about the Head Mare group, which first emerged in 2023. Head Mare is a hacktivist group targeting organizations in Russia and Belarus with the goal of causing maximum damage

React to this headline:

Loading spinner

Head Mare Group Intensifies Attacks on Russia with PhantomCore RAT Read More »

Notorious Ursnif Banking Trojan Uses Stealthy Memory Execution to Avoid Detection

trojan, Ursnif /

Notorious Ursnif Banking Trojan Uses Stealthy Memory Execution to Avoid Detection 2024-11-25 at 18:33 By daksh sharma Key takeaways Overview CRIL recently identified an active malicious campaign utilizing a malicious LNK file as the initial infection vector, delivered within a ZIP archive, potentially through spam emails. This LNK file is cleverly disguised as a PDF,

React to this headline:

Loading spinner

Notorious Ursnif Banking Trojan Uses Stealthy Memory Execution to Avoid Detection Read More »

Windows users targeted with fake human verification pages delivering malware

CloudSEK, Don't miss, Hot stuff, Malware, News, Palo Alto Networks, Proofpoint, trojan, Windows /

Windows users targeted with fake human verification pages delivering malware 2024-09-19 at 17:01 By Zeljka Zorz For a while now, security researchers have been warning about fake human verification pages tricking Windows users into inadvertently installing malware. A recently exposed campaign showed how some users end up on these pages. Beware of fake human verification

React to this headline:

Loading spinner

Windows users targeted with fake human verification pages delivering malware Read More »

The Intricate Babylon RAT Campaign Targets Malaysian Politicians, Government

Threat Actor, trojan /

The Intricate Babylon RAT Campaign Targets Malaysian Politicians, Government 2024-09-04 at 17:01 By Cyble Key takeaways  Overview  Cyble Research and Intelligence Lab (CRIL) has recently discovered a campaign involving malicious ISO files, targeting political figures and government officials within Malaysia. The initial infection vector for this campaign is unclear. The ISO file is crafted with

React to this headline:

Loading spinner

The Intricate Babylon RAT Campaign Targets Malaysian Politicians, Government Read More »

New SOHO router malware aims for cloud accounts, internal company resources

data collection, Don't miss, Hot stuff, Lumen, Malware, networking, News, router, SMBs, Trend Micro, trojan /

New SOHO router malware aims for cloud accounts, internal company resources 2024-05-02 at 14:46 By Zeljka Zorz Cuttlefish, a new malware family that targets enterprise-grade small office/home office (SOHO) routers, is used by criminals to steal account credentials / secrets for AWS, CloudFlare, Docker, BitBucket and other cloud-based services. “With the stolen key material, the

React to this headline:

Loading spinner

New SOHO router malware aims for cloud accounts, internal company resources Read More »

Brokewell: A New Android Banking Trojan Targeting Users In Germany

Banking Trojan, trojan /

Brokewell: A New Android Banking Trojan Targeting Users In Germany 2024-04-25 at 19:32 By neetha871ad236bd Key Takeaways Overview Mobile banking has become increasingly prevalent in recent years, offering users convenient access to financial services at their fingertips. However, with this convenience comes the risk of cyber threats targeting mobile devices, such as Android Banking Trojans.

React to this headline:

Loading spinner

Brokewell: A New Android Banking Trojan Targeting Users In Germany Read More »

The Fate of the CriminalMW Group: Endgame or a New Rebranding Journey? 

Android, Banking Trojan, trojan /

The Fate of the CriminalMW Group: Endgame or a New Rebranding Journey?  2024-02-19 at 12:46 By neetha871ad236bd CRIL analyzes the Brazilian CriminalMW Group’s activities and their rebranding tactics. The post The Fate of the CriminalMW Group: Endgame or a New Rebranding Journey?  appeared first on Cyble. This article is an excerpt from Cyble View Original

React to this headline:

Loading spinner

The Fate of the CriminalMW Group: Endgame or a New Rebranding Journey?  Read More »

iOS users beware: GoldPickaxe trojan steals your facial data

China, cybercrime, cybercriminals, cybersecurity, Don't miss, Group-IB, iOS, iPhone, Malware, News, smartphones, trojan /

iOS users beware: GoldPickaxe trojan steals your facial data 2024-02-15 at 12:16 By Help Net Security Group-IB uncovered a new iOS trojan designed to steal users’ facial recognition data, identity documents, and intercept SMS. The trojan, dubbed GoldPickaxe.iOS by Group-IB’s Threat Intelligence unit, has been attributed to a Chinese-speaking threat actor codenamed GoldFactory, responsible for

React to this headline:

Loading spinner

iOS users beware: GoldPickaxe trojan steals your facial data Read More »

Greenbean: Latest Android Banking Trojan Leveraging Simple RealTime Server (SRS) for C&C Communication

Android, Banking Trojan, Malware, trojan /

Greenbean: Latest Android Banking Trojan Leveraging Simple RealTime Server (SRS) for C&C Communication 2024-02-01 at 08:17 By neetha871ad236bd Cyble analyzes GreenBean, a new Android Banking Trojan leveraging Simple RealTime Server (SRS) for C&C Communication The post Greenbean: Latest Android Banking Trojan Leveraging Simple RealTime Server (SRS) for C&C Communication appeared first on Cyble. The post

React to this headline:

Loading spinner

Greenbean: Latest Android Banking Trojan Leveraging Simple RealTime Server (SRS) for C&C Communication Read More »

Uncovering The New Java-Based SAW RAT’s Infiltration Strategy via LNK files

Java, Java Runtime Environment, Remote Access Trojan, Saw RAT, trojan /

Uncovering The New Java-Based SAW RAT’s Infiltration Strategy via LNK files 29/11/2023 at 15:02 By cybleinc CRIL analyzes a new Java-based RAT – SAW that infiltrates users’ systems via LNK files. The post Uncovering The New Java-Based SAW RAT’s Infiltration Strategy via LNK files appeared first on Cyble. This article is an excerpt from Cyble

React to this headline:

Loading spinner

Uncovering The New Java-Based SAW RAT’s Infiltration Strategy via LNK files Read More »

New Persian Remote World Selling  a Suite of Malicious Tools

All, infostealer, Keylogger, Malware, Persian Loader, Persian RAT, Persian Remote, Persian X Loader, trojan /

New Persian Remote World Selling  a Suite of Malicious Tools 23/11/2023 at 11:46 By cybleinc CRIL analyzes a new website – Persian Remote World – selling malicious software, including RATs and Malware loaders, for monetary gain. The post New Persian Remote World Selling  a Suite of Malicious Tools appeared first on Cyble. This article is

React to this headline:

Loading spinner

New Persian Remote World Selling  a Suite of Malicious Tools Read More »

Emerging Threat: Understanding the PySilon Discord RAT’s Versatile Features

GitHub, Malware, phishing, PySilon RAT, telecommunications, Threat Actors, trojan /

Emerging Threat: Understanding the PySilon Discord RAT’s Versatile Features 18/09/2023 at 18:09 By cybleinc Cyble Research and Intelligence Labs analyzes the Emerging PySilon Discord RAT and Explores its Versatile functionalities. The post Emerging Threat: Understanding the PySilon Discord RAT’s Versatile Features appeared first on Cyble. This article is an excerpt from Cyble View Original Source

React to this headline:

Loading spinner

Emerging Threat: Understanding the PySilon Discord RAT’s Versatile Features Read More »

The rise and evolution of supply chain attacks

backdoor, Broadcom, cybersecurity, Don't miss, Hot stuff, Malware, software, supply chain attacks, Symantec, trojan, Video /

The rise and evolution of supply chain attacks 13/09/2023 at 07:03 By Help Net Security A supply chain attack is a cyberattack that focuses on a third-party supplier providing essential services or software to the supply chain. In this Help Net Security video, Dick O’Brien, Principal Intelligence Analyst in the Symantec Threat Hunter team, discusses

React to this headline:

Loading spinner

The rise and evolution of supply chain attacks Read More »

Lazarus Group exploited ManageEngine vulnerability to target critical infrastructure

Cisco, critical infrastructure, Don't miss, Europe, healthcare, Hot stuff, Malware, ManageEngine, News, North Korea, trojan, USA, vulnerability /

Lazarus Group exploited ManageEngine vulnerability to target critical infrastructure 25/08/2023 at 15:36 By Helga Labus North Korean state-sponsored hackers Lazarus Group have been exploiting a ManageEngine ServiceDesk vulnerability (CVE-2022-47966) to target internet backbone infrastructure and healthcare institutions in Europe and the US. The group leveraged the vulnerability to deploy QuiteRAT, downloaded from an IP address

React to this headline:

Loading spinner

Lazarus Group exploited ManageEngine vulnerability to target critical infrastructure Read More »

Scroll to Top