Agent Tesla Spyware Used in Phishing Campaign

Agent Tesla, initially detected in late 2014, is a known spyware aimed at collecting sensitive data from a victim’s device, such as stored application credentials and keyboard inputs (keylogger). Agent…

‘Seedworm’ Attackers Target Telcos in Asia, Middle East

The focused attacks aimed at cyberespionage and lateral movement appear to hint at further ambitions by the group, including supply-chain threats. Attackers targeting telcos across the Middle East and Asia…

French Users and Orgs Targeted by TinyNuke Info-Stealing Malware

According to security researchers, the TinyNuke banking malware (also known as Nukebot) has resurfaced in a new operation exclusively targeting French users and organizations with invoice-themed email lures. The targets…

Technical Advisory: Zero-day critical vulnerability in Log4j2 exploited in the wild

On December 9, 2021, Apache disclosed CVE-2021-44228, a remote code execution vulnerability assigned a severity of 10 (the highest possible risk score). The source of the vulnerability is Log4j,…

‘Karakurt’ Extortion Threat Emerges, But Says No to Ransomware

The threat group, first identified in June, focuses solely on data exfiltration and subsequent extortion, and has already targeted 40 victims since September. There is a new financially motivated threat…

New Yanluowang Ransomware Found to be Code-Signed, Terminates Database-Related Processes

Trend Micro – We analyzed new samples of the Yanluowang ransomware. One interesting aspect of these…

Emotet’s Behavior & Spread Are Omens of Ransomware Attacks

The botnet, which resurfaced last month on the back of TrickBot, can now directly install Cobalt Strike on infected devices, giving threat actors direct access to targets. The rapid spread…

New Ceeloader Malware Used By Russian-backed Advanced Persistent Threat (APT) Organization Nobelium

Nobelium is a Russian-backed advanced persistent threat (APT) organization that gained attention towards the end of 2020 after breaching SolarWinds’ software development supply chain to obtain access to espionage targets,…

Cuba Ransomware Obtained $44 Million in Ransom Payments

In a new flash alert, the FBI has warned about Cuba ransomware, a threat actor that as of early November 2021 impacted roughly 50 organizations in five critical infrastructure sectors…

Cuba Ransomware Gang Hauls in $44M in Payouts

The gang is using a variety of tools and malware to carry out attacks in volume on critical sectors, the FBI warned. The “Cuba” ransomware gang has settled into a…