ZuoRAT Exploits Weaknesses in SOHO Routers to Target Remote Employees

A Remote Access Trojan (RAT) is a type of malware that provides the attacker with full remote control over your system. When a RAT reaches your computer, it allows the hacker to…

Researchers ID new RAT developed by Chinese hacking group with growing target list

Written by AJ Vicens, Jun 13, 2022 | CYBERSCOOP. An established Chinese hacking group known for targeting telecommunications, finance and government organizations around the world has developed a “new, difficult-to-detect”…

Outbreak of Follina in Australia

Avast – Our threat hunters have been busy searching for abuse of the recently-released zero-day remote code execution bug in Microsoft Office (CVE-2022-30190). As part of their investigations,…

Fake WHO Safety Emails on COVID-19 Dropping Nerbian RAT Across Europe

The novel Nerbian RAT (remote access trojan) is currently targeting entities in Spain, Italy, and the United Kingdom. Proofpoint’s security researchers have warned users of a new RAT dubbed Nerbian written in…

Transparent Tribe campaign uses new bespoke malware to target Indian government officials

By Asheer Malhotra and Justin Thattil with contributions from Kendall McKay. Cisco Talos has observed a new Transparent Tribe campaign targeting Indian government and military entities. While the actors are…

Avast Finds Compromised Philippine Navy Certificate Used in Remote Access Tool

Avast – Avast Threat Intelligence Team has found a remote access tool (RAT) actively being used in the wild in the Philippines that uses what appears to be…

Iranian linked conglomerate MuddyWater comprised of regionally focused subgroups

By Asheer Malhotra, Vitor Ventura and Arnaud Zobec. Cisco Talos has observed new cyber attacks targeting Turkey and other Asian countries we believe with high confidence are from groups operating…

Unknown TA2541 group attacking aviation and defense sectors since 2017

TA2541 is extensively using a variety of Remote Access Trojans (RAT) in spear-phishing attacks to lure their target. Proofpoint researchers have published a report highlighting the presence of a little-known…

Arid Viper APT targets Palestine with new wave of politically themed phishing attacks, malware

By Asheer Malhotra and Vitor Ventura. Cisco Talos has observed a new wave of Delphi malware called Micropsia developed and operated by the Arid Viper APT group since 2017. This…

BRATA Android malware factory resets phones after stealing funds

The new variant of BRATA malware is also capable of GPS tracking and keylogging. A malware that was originally identified in 2019 has surfaced once again and this time it…