Phorpiex Botnet Is Becoming Harder to Disrupt

Phorpiex/Trik is an SDBot fork (therefore IRC-based) used to spread GandCrab, Pushdo, Pony, and coin miners. The previously retired Phorpiex botnet has resurfaced with new peer-to-peer command and control architecture,…

‘PseudoManuscrypt’ Mass Spyware Campaign Targets 35K Systems

It’s similar to Lazarus’s Manuscrypt malware, but the new spyware is splattering itself onto government organizations and ICS in a non-Lazarus-like, untargeted wave of attacks. Researchers have tracked new spyware…

The Log4j Vulnerability Is Now Used by State-Backed Hackers

The vulnerability, officially tagged as CVE-2021-44228 and called Log4Shell or LogJam, is an unauthenticated RCE vulnerability that allows total system takeover on systems running Log4j 2.0-beta9 through 2.14.1. What Happened? Nation-state hackers…

Variant of Phorpiex botnet used for cryptocurrency attacks in Ethiopia, Nigeria, India and more

Check Point Research has discovered new attacks targeting cryptocurrency users in Ethiopia, Nigeria, India and 93 other countries. The cybercriminals behind the attacks are using a variant of the Phorpiex…

Relentless Log4j Attacks Include State Actors, Possible Worm

More than 1.8 million attacks, against half of all corporate networks, have already launched to exploit Log4Shell. Call it a “logjam” of threats: Attackers including nation-state actors have already targeted…

Nation-state hackers aim to exploit Log4j software flaw, Microsoft warns

Written by AJ Vicens and Tim Starks, Dec 15, 2021 | CYBERSCOOP. Hackers associated with the governments of China, Iran, North Korea and Turkey have been trying to find ways…

Apache’s Fix for Log4Shell Can Lead to DoS Attacks

Not only is the jaw-dropping flaw in the Apache Log4j logging library ubiquitous; Apache’s blanket of a quickly baked patch for Log4Shell also has holes. As if finding one easily-exploited…

New Ransomware Family Deployed in Log4Shell Attacks

Recently a public exploit for the major zero-day vulnerability known as ‘Log4Shell’ in the Apache Log4j Java-based logging platform has been made available. Log4j is a development platform that enables…

Tactical Threat Intelligence: How to shield data from advanced attacks

Struck by the reality of remote collaboration, companies had to rethink both their business strategy and their infrastructure. This led many large enterprises and public organizations to restructure their data…

Volatile and Adaptable: Tracking the Movements of Modern Ransomware

Trend Micro’s tracking of modern ransomware, as well as of older families, shows which…