The Conti ransomware group has become one of the most notorious cybercrime collectives in the world, known for its aggressive tactics and large-scale attacks against a wide range of public and private organizations.
As Earth Aughisky (aka Taidoor) is one of the few APT groups that has shown longevity in cyberespionage, security teams continue to gather data to evaluate its skills, developments, and relations with other APT groups and their activities.
In an ongoing cyberespionage campaign, hacking group Witchetty has been found targeting two governments in the Middle East and a stock exchange in Africa. Among the new tools used by the group is a backdoor named Stegmap. The malware is distributed using steganography, a rarely used technique.
During the intrusion analysis of DeftTorero’s webshells, researchers noted traces suggesting that the threat actor exploited a file upload form and/or a command injection flaw in a functional or staging website hosted on the target web server.
The threat, which was discovered and published on Twitter by Brett Callow from Emsisoft, effectively gives the Los Angeles school district less than four days to respond. Vice Society did not include any details about the data it plans to publish.
The hackers, a sub-group of Lazarus called ZINC, are weaponizing a wide range of open-source software including PuTTY, KiTTY, TightVNC, Sumatra PDF Reader, and muPDF/Subliminal Recording software installers in a new wave of malware attacks.