New Pegasus Scanner Used to Infect Windows

The spyware mimics the behavior pattern of a real antivirus program designed to check the system for Pegasus traces and remove them. Sarwent-based assaults have been active since at least…

New APT ChamelGang Targets Russian Energy, Aviation Orgs

First appearing in March, the group has been leveraging ProxyShell against targets in 10 countries and employs a variety of malware to steal data from compromised networks. A new APT…

Unwanted Gift: Ransomware, Supply Chain Attacks, and How to Prevent Them

Now more than ever, supply chains are attracting threat actor attention. As evidenced by attacks like the one which recently targeted the IT services provider Kaseya and over 1,500 of…

Vulnerabilities in QNAP Fixed

The Taiwan-based network-attached storage (NAS) vendor released multiple patches, addressing vulnerabilities that could enable attackers to inject and execute malicious code and commands remotely…

GhostEmperor Campaign Targets Asian Countries Abusing Microsoft Vulnerabilities

Cybersecurity researchers have recently disclosed details of the Chinese-based threat actor GhostEmperor, who allegedly targeted several Southeast Asian countries for more than a year. According to Kaspersky specialists Mark Lechtik,…

Ryuk Ransomware: Origins, Operation Mode, Mitigation

What is Ryuk Ransomware? Widely known for targeting governments, academia, healthcare, manufacturing, and technology organizations’ cybersystems, Ryuk is a ransomware-as-a-service (RaaS) group that’s been active since August 2018. It typically encrypts data…

Google Emergency Update Fixes Two Chrome Zero Days

This is the second pair of zero days that Google’s fixed this month, all four of which have been actively exploited in the wild. Google has pushed out an emergency…

GriftHorse Android malware hit 10 million devices in 70 countries

GriftHorse malware uses malicious apps to subscribe victims to premium services that cost them $42 (£30 – €36) per month. The IT security researchers at Zimperium Labs have reported an Android…

Military’s RFID Tracking of Guns May Endanger Troops

RFID gun tags leave the military exposed to tracking, sniffing and spoofing attacks, experts say. Reports that the military has started outfitting firearms with RFID tags for tracking have raised…

Tips & Tricks for Unmasking Ghoulish API Behavior

Jason Kent, hacker-in-residence at Cequence Security, discusses how to track user-agent connections to mobile and desktop APIs, to spot malicious activity. I was analyzing one of my customer’s API traffic…