Emerging last year as the successor to Royal ransomware, BlackSuit has quickly evolved into a highly sophisticated malicious spinoff, aggressively targeting organizations worldwide. Security researchers have recently observed a significant surge in activity by the Ignoble Scorpius group, the operator behind BlackSuit, with over 90 organizations falling victim to their relentless intrusions. Detect BlackSuit Ransomware […]
Following a wave of cyber attacks by the Iran-linked hacking collective tracked as Pioneer Kitten, the FBI, CISA, and authoring partners issue a new alert notifying defenders of a growing threat posed by BianLian Ransomware Group, which primarily targets critical infrastructure organizations in the U.S. and Australia. Detect BianLian Ransomware According to the State of […]
A new Rust-based stealer malware dubbed Fickle Stealer has come to the scene, capable of extracting sensitive data from compromised users. The new stealer masquerades itself as GitHub Desktop software for Windows and employs a wide range of anti-malware and detection evasion techniques, posing a growing threat to its potential victims. Detect Fickle Stealer Malware […]
Hot on the heels of the recent wave of cyber-attacks leveraging a highly evasive Strela Stealer in Central and Southwestern Europe, a new infostealer comes into the spotlight targeting sensitive data within the government and education sectors across Europe and Asia. Defenders have observed an ongoing info-stealing campaign attributed to Vietnamese-speaking adversaries who leverage a […]
Cybersecurity researchers have identified an ongoing in-the-wild adversary campaign, which leverages a known RCE vulnerability in Microsoft Office tracked as CVE-2017-0199 exploited by a malicious Excel file used as a lure attachment in phishing emails. The phishing campaign is designed to distribute a new fileless version of the notorious Remcos RAT malware and take full […]
Essential Tips to Level Up in SOC Prime Threat Bounty Program As a detection engineer, SOC analyst, and threat hunter, joining SOC Prime’s Threat Bounty Program opens the door to significant professional growth within a globally recognized cybersecurity community. The Program is designed to harness the expertise in detection engineering, enabling members to contribute high-value […]
Security researchers have revealed a stealthy campaign targeting users in Central and Southwestern Europe with an email credential stealer. Dubbed Strela, this evasive malware is deployed via phishing emails, utilizing obfuscated JavaScript and WebDAV to circumvent conventional security measures. Since its emergence two years ago, Strela Stealer has significantly enhanced its malicious capabilities, allowing it […]
The notorious Russian state-sponsored hacking group known as APT28 or UAC-0001, which has a history of launching targeted phishing attacks on Ukrainian public sector organizations, has resurfaced in the cyber threat landscape. In the latest adversary campaign covered by CERT-UA, attackers weaponize a PowerShell command embedded in the clipboard as an entry point to further conduct offensive […]
Attackers frequently launch high-profile attacks by exploiting RCE vulnerabilities in popular software products. Cybersecurity researchers have recently identified the widespread exploitation of FortiManager instances, with 50+ potentially compromised devices across multiple industry verticals. Defenders disclosed a critical FortiManager API vulnerability, tracked as CVE-2024-47575, that was exploited in zero-day attacks by adversaries to execute arbitrary code […]
Hot on the heels of the “Rogue RDP” attacks exploiting the phishing attack vector and targeting Ukrainian state bodies and military units, CERT-UA researchers uncovered another wave of phishing attacks leveraging emails with invoice-related subject lures and weaponizing HOMESTEEL malware for file theft. The UAC-0218 group is believed to be behind the ongoing adversary operation. […]