‘PseudoManuscrypt’ Mass Spyware Campaign Targets 35K Systems

It’s similar to Lazarus’s Manuscrypt malware, but the new spyware is splattering itself onto government organizations and ICS in a non-Lazarus-like, untargeted wave of attacks. Researchers have tracked new spyware…

StrongPity Malware Spread Using Malicious Notepad++ Installers

The Advanced Persistent Threat (APT) known as StrongPity is distributing malware-laced Notepad++ installers to infect its victims. #APT #StrongPity NotePad++ installer (npp.8.1.7.Installer.x64.exe) 78556a2fc01c40f64f11c76ef26ec3ff http[:]//advancedtoenableplatform.com — blackorbird (@blackorbird) November 30, 2021 The method…

SMA 100 flaws in SonicWall VPN expose devices to remote takeover

If exploited, an unauthenticated, remote attacker can execute code as a “nobody user” on the device, meaning the attacker would get root access and gain full control of the device. SonicWall,…

Microsoft seizes domains used to attack 29 governments across Latin America, Caribbean, Europe

Microsoft has announced the seizure of dozens of domains used in attacks by the China-based APT group Nickel on governments and NGOs across Europe, the Americas and the Caribbean. In…

The In-house Zoho ServiceDesk Exploit Used to Drop Webshells

You may recall that we reported a while ago that state-backed advanced persistent threat (APT) organizations had been actively exploiting a significant hole in a Zoho single sign-on and password…

Hackers are turning to this simple technique to install their malware on PCs

Nation state-backed hacking groups are exploiting a simple but effective new technique to power phishing campaigns for spreading malware and stealing information that’s of interest to their governments. Cybersecurity researchers at Proofpoint say…

Attackers Will Flock to Crypto Wallets, Linux in 2022: Podcast

That’s just the start of what cyberattackers will zero in on as they pick up APT techniques to hurl more destructive ransomware & supply-chain attacks, says Fortinet’s Derek Manky. Ransomware…

RedCurl Makes a Comeback: They Also Have Updated Hacking Tools

The Group-IB researchers have revealed in a recent report the return of a reportedly corporate cyber-espionage hacker group dubbed RedCurl. RedCurl APT Group: Background The Group-IB experts discovered this APT…