
Delaware, USA – July 19, 2019 – A Chinese APT group with a nearly ten-year history of attacks has added to its arsenal the Okrum backdoor, which is quite different in functionality from the rest of the group’s tools. ESET researchers track the activity of the Ke3chang group (aka APT15, Vixen Panda, Royal APT, and Playful […]

Delaware, USA – July 18, 2019 – The Russian Gamaredon group has developed a new modular backdoor for desktop Linux systems that is not detectable by antivirus solutions. Intezer Labs researchers discovered the backdoor this month and published an analysis of the capabilities of the EvilGnome malware, the modules of which, apparently, are still being […]

Delaware, USA – July 17, 2019 – New York City’s Monroe College has recently fallen victim to a large-scale ransomware attack that disabled the educational institution’s entire network. It is not known exactly which cybergang is behind this incident, but judging by the gigantic ransom amount demanded […]

Delaware, USA – July 16, 2019 – Since the beginning of the year, the notorious Turla APT has been using new cyber espionage tools distributed through infected installers of legitimate software. Researchers at Kaspersky Lab analyzed the malware, which its authors call Topinambour, and the infrastructure of campaigns targeted at government agencies. […]

Delaware, USA – July 15, 2019 – Attacks on routers in Brazil started about a year ago, sometimes going beyond the borders of the country. Initially, the compromised devices were used to mine Monero cryptocurrency by injecting a Coinhive script into a specially created error page. Then the attackers began to change router DNS settings and […]

Delaware, USA – July 12, 2019 – Adversaries compromise QNAP Systems devices by exploiting vulnerabilities or brute-forcing them to install eCh0raix ransomware. Network Attached Storage devices often store sensitive data and important backups in corporate networks and can be accessed over the Internet. The value of the encrypted data and the relatively low cost of […]

Delaware, USA – July 11, 2019 – The Buhtrap group, which disappeared a few years ago, has been spotted using an unpatched zero-day in a cyber espionage campaign targeted at governmental institutions. The group began operations in 2014 with financially motivated attacks against businesses and banks, and their activities remained below the radar of researchers until the following year. At the […]

Delaware, USA – July 10, 2019 – The Sea Turtle APT group, allegedly attributed to the Iranian government, compromised the ICS-Forth network that manages the Greek top-level domains .gr and .el. The Sea Turtle group became known this April, but their campaigns have been traced back to 2017. The adversaries use a very unusual technique […]

Delaware, USA – July 9, 2019 – Microsoft warns of an ongoing campaign spreading fileless malware capable of stealing credentials and clipboard data. The attacks started in mid-May, and most of the campaign targets are located in Brazil. Experts from the Microsoft Defender ATP Research Team discovered suspicious surges in the use of the Windows Management Instrumentation Command-line […]

Delaware, USA – July 8, 2019 – A Magecart group is compromising websites at scale, injecting card skimming scripts to steal credit card data and personal info of customers. Last week, Sanguine Security discovered 962 websites with an installed skimmer, and all victims were compromised within 24 hours. So far, it is the largest automated attack […]