North Korea-affiliated APT groups have consistently ranked among the most active adversaries over the past decade. This year, security experts have observed a significant uptick in their malicious operations, driven by enhanced toolsets and an expanded range of targets. In August 2024, North Korean hackers bolstered their arsenal with the MoonPeak Trojan. A month earlier, […]
In today’s threat landscape, when the number and sophistication of cyber attacks are constantly rising, threat actors are targeting the most secure and critical systems across continents and industries. Organizations are continually improving their cyber defense posture, migrating to cloud-based security solutions that reportedly enhance real-time threat detection capabilities. Yet, as adversaries adopt new approaches, […]
The nefarious state-sponsored russia-aligned Gamaredon (aka Hive0051, UAC-0010, or Armageddon APT) has been launching a series of cyber-espionage campaigns against Ukraine since 2014, with cyber attacks intensifying since russia’s full-scale invasion of Ukraine on February 24, 2022. ESET recently published an in-depth technical analysis, providing insights into Gamaredon’s cyber-espionage operations against Ukraine throughout 2022 and […]
A novel iteration of the RomCom malware family emerges in the cyber threat arena. The new malware, dubbed SnipBot, uses tricky anti-analysis techniques and a custom code obfuscation method to move laterally within the victim’s network and perform data exfiltration. Detect SnipBot Malware The notorious RomCom malware has resurfaced with a new SnipBot variant, actively […]
In today’s fast-moving technological landscape, organizations face unprecedented challenges in managing their security operations. When both threats and technologies change rapidly, organizations need the agility to adapt, migrate, and use multiple security solutions without being tied down by proprietary formats. Also, as the SIEM market evolves, vendors merge or pivot their offerings, and the organizations […]
In the first quarter of 2024, state-sponsored APT groups from regions such as China, North Korea, Iran, and russia demonstrated notably sophisticated and innovative adversary methods, creating significant challenges for the global cybersecurity landscape. Recently, a China-linked APT group known as Earth Baxia has targeted a state agency in Taiwan and potentially other countries in […]
Hackers are weaponizing PoC exploits for newly identified vulnerabilities in Progress Software WhatsUp Gold for in-the-wild attacks. Defenders have recently uncovered RCE attacks exploiting the critical SQL injection flaws tracked as CVE-2024-6670 and CVE-2024-6671. Notably, CVE-2024-6670 has been added to CISA’s Known Exploited Vulnerabilities Catalog. Detect CVE-2024-6670, CVE-2024-6671 Progress WhatsUp Gold Exploits In 2024, nearly […]
Right after the joint advisory by FBI, CISA, and partners warning of a significant shift in the RansomHub RaaS group activity, security researchers have spotted the novel trick by adversaries misusing Kaspersky’s legitimate TDSSKiller software to disable Endpoint Detection and Response (EDR) systems. Once they’ve bypassed defenses, attackers turn to the LaZagne tool, siphoning login […]
Ransomware continues to be a leading global threat to organizations, with attacks becoming more frequent and increasingly sophisticated. Recently, a new Ransomware-as-a-Service (RaaS) group, Repellent Scorpius, has emerged, intensifying the challenge for cyber defenders. This novel actor drives the distribution of the Cicada3301 ransomware, employing a double-extortion tactic to maximize profits while expanding their affiliate […]
Notorious russia-affiliated hacking groups are posing daunting challenges to defensive forces, continuously upgrading their adversary TTPs and enhancing detection evasion techniques. Following the full-fledged war outbreak in Ukraine, russia-backed APT collectives are especially active while using the conflict as a testing ground for new malicious approaches. Further, proven methods are leveraged against major targets of […]