Tag: Sigma

New SolidBit Ransomware Variant
SolidBit Ransomware Detection: Novel Variant Targets Users of Popular Video Games and Social Media Platforms

Ransomware attacks have been a constantly growing trend in the cyber threat arena since 2020 and continue to rise in 2021-2022. Cybersecurity researchers have recently uncovered a new SolidBit ransomware variant that targets gamers and social media users. The novel malware strain has been spotted in the wild, being uploaded to GitHub and […]

Dark Utilities Platform
Dark Utilities “C2aaS” Platform: Provides Adversaries With a Vast Array of C2 Capabilities

A C2 platform called “Dark Utilities” was released in early 2022 and is currently getting traction among adversaries. Dark Utilities, a C2-as-a-Service (C2aaS), provides an affordable (at a starting price of just EUR 9,99) way of setting up an anonymous C&C infrastructure. The service allows for remote access, DDoS attacks, command execution, and cryptojacking. Security […]

Gwisin Ransomware Detection
Gwisin Detection: Threat Actors Spread Gwisin Ransomware Targeting Korean Companies

Gwisin ransomware targeting Korean companies in multiple industries is currently on the increase in the cyber threat arena. Attributed to Korean-speaking threat actors, Gwisin ransomware is leveraged in targeted attacks on specific organizations rather than random individuals and does not perform malicious behaviors on its own, which makes its detection harder. The ransomware is […]

CVE-2022-32548
CVE-2022-32548 Detection: Critical RCE Vulnerability Affects DrayTek’s Flagship Models

Researchers revealed a critical security hole in 29 models of DrayTek Vigor routers, totaling more than 700,000 devices currently in use. DrayTek Vigor routers gained popularity during the worldwide shift to home offices during the pandemic and are mostly used by employees of small and medium-sized businesses in the UK, Netherlands, Vietnam, Taiwan, and Australia. […]

Manjusaka Offensive Framework
Manjusaka Offensive Framework Detection: New Malware Family Quickly Catapults Into Operation

A novel attack framework called “Manjusaka” is currently making the rounds in the wild. The name “Manjusaka,” which means “cow flower,” gives no hint of the high level of offensive potential the attack framework bears. Based on ample evidence, the campaign operators behind this malware family are believed to be China-based. Developers of Manjusaka have designed […]

SmokeLoader Detection: Distributes Amadey Bot Malware via Software Cracks

Amadey Bot, a notorious malware strain that first came to the cyber threat arena in 2018, is capable of stealing data and deploying other malicious payloads on the compromised system. It has been actively distributed across hacker forums to engage in offensive operations. Cybersecurity researchers have recently observed the distribution of a new version of […]

Adversarial Abuse of Proxyware
Adversaries Hack Microsoft SQL Servers to Install Proxyware and Steal Bandwidth

Security analysts report an increasing number of cases of adversarial abuse of software called ‘proxyware’. Users can install proxyware (operated via the client application) and become bandwidth donors by sharing their internet connection via services like Peer2Profit and IPRoyal. The hosts, incentivized with monetary rewards, enable other users to access the web from their location […]

LockBit 3.0 Ransomware Attack Detection: Deploy Cobalt Strike Beacons Abusing Microsoft Defender

LockBit threat actors have recently been under the spotlight in the cyber domain. In July 2022, the hacking collective hit the headlines by introducing the first-ever bug bounty program launched by a ransomware gang. In its latest cyber-attacks, the notorious ransomware group applies Living-off-the-Land techniques by abusing the legitimate Microsoft Defender command-line utility to deploy […]

Ducktail Infostealer Malware
Ducktail Infostealer Detection: Criminal Hackers Hijack Business Accounts With New Malware

Financially motivated criminal hackers leverage a new infostealer dubbed Ducktail to exfiltrate browser cookies and take over victims’ Facebook Business accounts. The evidence suggests that the adversaries behind the campaign are Vietnam-based, primarily targeting professionals working in HR, management, and marketing. The beginning of the active development of the Ducktail campaign can be traced back […]

KNOTWEED Activity Detection: CVE-2022-22047 Vulnerability and Multiple Windows & Adobe Zero-Day Exploitation by the European Private-Sector Offensive Actor (PSOA)

On July 27, 2022, Microsoft cybersecurity researchers published a notice describing the recently revealed malicious activity of the European private-sector offensive actor (PSOA) tracked as KNOTWEED, which leverages a set of Windows and Adobe zero-day exploits, including the newly patched CVE-2022-22047 vulnerability. According to the research, the threat actors launch targeted cyber-attacks against organizations in Europe […]
