Security analysts revealed a two-year-long spear-phishing campaign aimed at entities in the financial sector in French-speaking African countries ā Morocco, Togo, Ivory Coast, Cameroon, and Senegal. The campaign is codenamed DangerousSavanna, and its operators are heavily relying on social engineering techniques for initial access, consequently employing customized malware such as AsyncRAT, PoshC2, and Metasploit. The […]
In late July, Microsoft researchers released new evidence linking Raspberry Robin Windows worm to the activity of the russia-backed Evil Corp gang. Raspberry Robin, a USB-based worm designed as a malware loader, shows similar functionality and structural elements to those of Dridex malware, indicating that a notorious Evil Corp group may be behind the new […]
On August 30 and 31, 2022, CERT-UA revealed a burst of adversary activity massively distributing phishing emails among Ukrainian, Austrian, and German organizations. According to the corresponding CERT-UA#5252 alert, hackers exploit the email attachment vector spreading the notorious AgentTesla info-stealing malware. The malicious activity can be attributed to the behavior patterns of the hacking collective […]
A notorious APT group tracked as NOBELIUM (aka APT29, Cozy Bear, and The Dukes) adds new threats to their set of malicious tricks. The threat actor, responsible for a 2020 headline-making hack of Texas-based SolarWinds company, remains a highly active criminal gang, impacting a wide range of industries and organizations in public, private, and non-governmental […]
Malware stands for malicious software and denotes software that is designed to execute computer instructions that are destructive to a userās system or in any other way hazardous for targeted individuals and enterprises.Ā Rapid technology development has brought a proliferation of various kinds of malware. It can do a range of bad things, such as […]
Lots of children break things not because they are little evil creatures but because they are curious about āhow itās made.ā Eventually, some of those children grow up and become Cybersecurity Analysts. They do basically the same but in an adult world.Ā Malware analysis is the process of studying a malware sample to understand what […]
Earlier this month, security researchers identified PyPi malware that exfiltrated usersā credentials, appsā cookies, and history, along with other sensitive data. The research data indicates that adversaries upload malicious packages to The Python Package Index (PyPI) ā a vast repository of open-source Python packages. The goal is to dupe the users into downloading them by […]
Cyber Threat Hunting is a novel approach to Threat Detection which is aimed at finding cyber threats within an enterprise’s network before they do any harm. This includes deliberately looking for weak spots as well as any signs of ongoing attacks within a digital infrastructure. Threat Hunting is more complex than passive Threat Detection and […]
Amadey Bot, a notorious malware strain that first came to the cyber threat arena in 2018, is capable of stealing data and deploying other malicious payloads on the compromised system. It has been actively distributed across hacker forums to engage in offensive operations. Cybersecurity researchers have recently observed the distribution of a new version of […]
Financially motivated criminal hackers leverage a new infostealer dubbed Ducktail to exfiltrate browser cookies and take over victimsā Facebook Business accounts. The evidence suggests that the adversaries behind the campaign are Vietnam-based, primarily targeting professionals working in HR, management, and marketing. The beginning of the active development of the Ducktail campaign can be traced back […]