On February 16, 2022, Cybersecurity and Infrastructure Security Agency (CISA) disclosed the latest intelligence information about Russia-linked cyber-attacks on the US Cleared Defense Contractors (CDCs) that have been in operation for at least two years now. The targeted CDCs had access to a variety of sensitive data sources, including weapons development, surveillance data, communication lines, […]
One month into 2022, there is no foreseeable slump in attacks; on the contrary, the cybersecurity field is bustling. The landscape is familiar: lurking hackers and security practitioners working doggedly to ensure no rest for the former. Late January, a new attack campaign, launched by a North Korea-linked APT, was discovered by the Malwarebytes Threat […]
Adversaries are searching for new means of turning up the heat, this time bringing new, Rust-written ransomware to attack organizations in the U.S., Europe, Australia, India, and the Philippines. ALPHV BlackCat ransomware developers target Windows and Linux OSs through 3rd party framework/toolset (e.g., Cobalt Strike) or by exploiting vulnerable applications. The BlackCat gang is now […]
What goes on in the dark must come out in the light. Security experts have revealed an especially dangerous 12-year-old bug affecting nearly all Linux hosts. The flaw enables full root access on literally any Linux machine for a local, unprivileged threat actor if successfully exploited. CVE-2021-4034 (PwnKit) Description While the cyber domain is still […]
A newly minted UEFI firmware malicious implant dubbed āMoonBounceā is ravaging in the wild. The threat is believed to be the handiwork of a Chinese-speaking APT41 hacking gang, aka Double Dragon or Winnti. This UEFI rootkit is set out to cause a stir, having already obtained the title of the most stealthy of all the […]
Another day, another critical vulnerability posing a major headache for security practitioners. This time researchers have identified a wormable remote code execution (RCE) flaw that impacts the latest desktop and server Windows versions. The vendor urges everyone to upgrade their systems ASAP since the flaw could be easily leveraged by adversaries to execute arbitrary code […]
Overview, Analysis, and Lessons Learned On January 13, 2021, a massive data-wiping cyber-attack hit Ukraine, taking down the online assets of the countryās government. As of January 17, 2021, up to 70 websites experienced temporary performance issues due to the intrusion, including the Cabinet, seven ministries, the Treasury, the National Emergency Service, and the state […]
Another day ā Ā another major challenge for security practitioners. Meet BlackByte, a new ransomware-as-a-service (RaaS) ring that is hard forging the way to the top of the threat list. First incidents attributed to the BlackByte collective were detected in July 2021, and since then adversaries evolved their tactics and tools significantly. Currently, security researchers observe […]
Meet Babadeda, a new notorious crypter in the arsenal of threat actors. The malware has been actively leveraged by adversaries since May 2021 to bypass security protections and covertly deliver a variety of threats to unsuspecting victims. Multiple infostealers and remote access Trojans (RATs) have been deployed with the help of Babadeda. Moreover, LockBit maintainers […]
The infamous Lazarus APT strikes again, with security professionals being under attack during the most recent campaign. State-sponsored actor leverages a pirated version of the widely-used IDA Pro reverse engineering application to compromise researchersā devices with backdoors and remote access Trojans (RATs). NukeSpeed RAT Delivered via Trojanized IDA ProĀ According to the research by ESET, […]