Tag: Malware

DangerousSavanna Detection: Attacks Targeting Various Financial Orgs Revealed
DangerousSavanna Detection: Attacks Targeting Various Financial Orgs Revealed

Security analysts revealed a two-year-long spear-phishing campaign aimed at entities in the financial sector in French-speaking African countries – Morocco, Togo, Ivory Coast, Cameroon, and Senegal. The campaign is codenamed DangerousSavanna, and its operators are heavily relying on social engineering techniques for initial access, consequently employing customized malware such as AsyncRAT, PoshC2, and Metasploit. The […]

Read More
Raspberry Robin Malware Detection: New Connections Revealed
Raspberry Robin Malware Detection: New Connections Revealed

In late July, Microsoft researchers released new evidence linking Raspberry Robin Windows worm to the activity of the russia-backed Evil Corp gang. Raspberry Robin, a USB-based worm designed as a malware loader, shows similar functionality and structural elements to those of Dridex malware, indicating that a notorious Evil Corp group may be behind the new […]

Read More
AgentTesla Spyware Massively Distributed in Phishing Campaigns Targeting Ukrainian, Austrian, and German Organizations
AgentTesla Spyware Massively Distributed in Phishing Campaigns Targeting Ukrainian, Austrian, and German Organizations

On August 30 and 31, 2022, CERT-UA revealed a burst of adversary activity massively distributing phishing emails among Ukrainian, Austrian, and German organizations. According to the corresponding CERT-UA#5252 alert, hackers exploit the email attachment vector spreading the notorious AgentTesla info-stealing malware. The malicious activity can be attributed to the behavior patterns of the hacking collective […]

Read More
MagicWeb Detection: NOBELIUM APT Uses Sophisticated Authentication Bypass
MagicWeb Detection: NOBELIUM APT Uses Sophisticated Authentication Bypass

A notorious APT group tracked as NOBELIUM (aka APT29, Cozy Bear, and The Dukes) adds new threats to their set of malicious tricks. The threat actor, responsible for a 2020 headline-making hack of Texas-based SolarWinds company, remains a highly active criminal gang, impacting a wide range of industries and organizations in public, private, and non-governmental […]

Read More
What Is Malware? Malware Types to Watch Out For
What Is Malware? Malware Types to Watch Out For

Malware stands for malicious software and denotes software that is designed to execute computer instructions that are destructive to a user’s system or in any other way hazardous for targeted individuals and enterprises.  Rapid technology development has brought a proliferation of various kinds of malware. It can do a range of bad things, such as […]

Read More
What is Malware Analysis?
What is Malware Analysis?

Lots of children break things not because they are little evil creatures but because they are curious about “how it’s made.” Eventually, some of those children grow up and become Cybersecurity Analysts. They do basically the same but in an adult world.  Malware analysis is the process of studying a malware sample to understand what […]

Read More
PyPi Malware Detection: Stealing Discord Tokens to Spread Malware
PyPi Malware Detection: Stealing Discord Tokens to Spread Malware

Earlier this month, security researchers identified PyPi malware that exfiltrated users’ credentials, apps’ cookies, and history, along with other sensitive data. The research data indicates that adversaries upload malicious packages to The Python Package Index (PyPI) – a vast repository of open-source Python packages. The goal is to dupe the users into downloading them by […]

Read More
What is Cyber Threat Hunting? The Ultimate Guide
What is Cyber Threat Hunting? The Ultimate Guide

Cyber Threat Hunting is a novel approach to Threat Detection which is aimed at finding cyber threats within an enterprise’s network before they do any harm. This includes deliberately looking for weak spots as well as any signs of ongoing attacks within a digital infrastructure. Threat Hunting is more complex than passive Threat Detection and […]

Read More
SmokeLoader Detection: Distributes Amadey Bot Malware via Software Cracks
SmokeLoader Detection: Distributes Amadey Bot Malware via Software Cracks

Amadey Bot, a notorious malware strain that first came to the cyber threat arena in 2018, is capable of stealing data and deploying other malicious payloads on the compromised system. It has been actively distributed across hacker forums to engage in offensive operations. Cybersecurity researchers have recently observed the distribution of a new version of […]

Read More
Ducktail Infostealer Detection: Criminal Hackers Hijack Business Accounts With New Malware
Ducktail Infostealer Detection: Criminal Hackers Hijack Business Accounts With New Malware

Financially motivated criminal hackers leverage a new infostealer dubbed Ducktail to exfiltrate browser cookies and take over victims’ Facebook Business accounts. The evidence suggests that the adversaries behind the campaign are Vietnam-based, primarily targeting professionals working in HR, management, and marketing. The beginning of the active development of the Ducktail campaign can be traced back […]

Read More