News

Chinese ELF Prepares New DDoS Attacks

Delaware, USA – April 1, 2019 – Even though researchers have documented a significant decline in the popularity of DDoS attacks, which is also due to recent lawsuits against botnet operators and ‘stresser’ services, adversaries continue to improve DDoS’er malware threats. A recently published article by the MalwareMustDie team reviews ELF malware that is […]

Critical SQL Injection Vulnerability in Magento Exposes Sites to Skimming Attacks

Delaware, USA – March 29, 2019 – Magento released an update this week that patches a critical vulnerability in the platform. It is not known whether it has been used for attacks in the wild, but cybercriminal groups who compromise commercial sites to install skimmers will not leave an SQL injection vulnerability unheeded. Magento CMS is used […]

Elfin Group is Spying on Middle East and US Organizations

Delaware, USA – March 28, 2019 – Elfin group (aka APT33) conducts cyber espionage campaigns primarily focusing on organizations in Saudi Arabia and the United States. State-sponsored actors are interested not only in government organizations, but also in companies in the chemical, engineering, telecommunications, finance, and IT sectors. In addition to cyber espionage, the researchers suspect […]

Threat Detection Marketplace 3.5.2 is Released

Delaware, USA – March 27, 2019 – With more than a month in the making, this was the longest sprint we have had to date, to make sure it is well worth your time. Today, we’re glad to bring you the cutting-edge capabilities for threat hunting and detection as code. We all love Sigma rules […]

Operation ShadowHammer Hits Asus Users

Delaware, USA – March 26, 2019 – A new supply chain attack targets ASUS users who downloaded the Live Update software from the official website. The investigation is ongoing, but researchers from Kaspersky Lab have published an interim report detailing this campaign, dubbed Operation ShadowHammer. An unidentified APT group modified the legitimate version of the […]

Mysterious LockerGoga Attacks on US Industry

Delaware, USA – March 25, 2019 – Two victims of the LockerGoga ransomware, which caused a great stir last week, have become known. According to Motherboard, this month, in addition to Norsk Hydro, two American chemical companies became victims of large-scale cyber attacks: Hexion and Momentive. The incidents occurred on March 12, but the […]

APT32 Returns with New Techniques to Attack South East Asian Countries

Delaware, USA – March 22, 2019 – APT32, also known as the OceanLotus group, is notorious for cyber espionage campaigns targeting Asian countries and for large-scale watering hole attacks. ESET researchers analyzed the group’s recent campaigns and found changes in its actions. The adversaries send carefully crafted emails for each target, disguised as current […]

Carabank is Alive and Well Up

Delaware, USA – March 21, 2019 – The Carabank group has returned to attacking financial organizations, using new tools. The Carabank group (also known as FIN7) has been active for 4 years already; last year the U.S. Department of Justice announced the arrest of three group members, who hid their illegal activities under the flag of Combi […]

LockerGoga Ransomware Strikes Norsk Hydro

Delaware, USA – March 20, 2019 – The Norwegian company Norsk Hydro became a victim of a cyber attack and was forced to switch to manual operations. NorCERT warned the organization about attacks using LockerGoga ransomware and determined that Norsk Hydro was one of its victims. The attack began on Monday night, presumably in the […]

IMAP Protocol Helps Attackers to Bypass Multifactor Authentication

Delaware, USA – March 19, 2019 – More than half of the brute force attacks targeted at tenants of G Suite and Microsoft Office 365 are conducted using the IMAP protocol. According to the Proofpoint study, every fourth such attack ends with a successful compromise. Such a success rate is possible because targeted accounts are […]