Russian Cybercriminals Launch New 'Passion' Attack Platform

Russian Cybercriminals Launch New 'Passion' Attack Platform - Cybersecurity news - Threat Actors
Medical institutions in the U.S. and Europe are under attack from a new botnet network called Passion launching DDoS attacks. It operates as a DDoS-as-a-Service (DDoSaaS) platform and has distinctive ties with Russian hacking groups, such as Anonymous Russia, Killnet, MIRAI, and Venom. It ran sever ... Read More

‘0ktapus’ hackers are back and targeting tech and gaming companies, says leaked report

The hackers who reportedly hit more than 130 organizations last year and stole the credentials of almost 10,000 employees are still targeting several tech and video game companies, according to a report obtained by TechCrunch.

Mustang Panda APT Group Uses European Commission-Themed Lure to Deliver PlugX Malware

The Mustang Panda APT group loads the PlugX malware in the memory of legitimate software by employing a four-stage infection chain that leverages malicious shortcut (LNK) files, triggering execution via DLL search-order-hijacking.

What SOCs Need to Know About Water Dybbuk

Once the email attachment is opened, the target’s computer will reach out to the command-and-control (C&C) server hosting a BadaxxBot toolkit that acts as a redirector to the final phishing page.

Threat Actors Use ClickFunnels to Bypass Security Services

According to security researchers at Avanan, threat actors have been exploiting ClickFunnels' ability to create pages with malicious links and ultimately conduct credential-harvesting attacks.

Rising ‘Firebrick Ostrich’ BEC Group Launches Industrial-Scale Cyberattacks

Business email compromise (BEC) has become one of the most popular methods of financially motivated hacking. And over the past year, one group, in particular, has demonstrated just how quick, easy, and lucrative it really is.

New APT34 Malware Targets The Middle East

Trend Micro analyzed a cyberespionage campaign targeting organizations in the Middle East in December 2022 using a new backdoor. It abuses compromised email accounts to send stolen data to external mail accounts controlled by attackers.

Iranian and Russian Groups Target Organizations - Warns NCSC

Iranian and Russian Groups Target Organizations  - Warns NCSC - Cybersecurity news - Threat Actors
The NCSC-U.K warned against ongoing spear-phishing campaigns against government entities, NGOs, think tanks, academia, and others, by Russia-based SEABORGIUM and Iran-based TA453 threat actors. SEABORGIUM and TA453 spend time researching their targets' interests and contacts to create a convin ... Read More

Cobalt Sapling Uses Multiple Personas for Pro-Iranian Missions

Cobalt Sapling Uses Multiple Personas for Pro-Iranian Missions - Cybersecurity news - Threat Actors
The threat actor known as Cobalt Sapling was spotted targeting Saudi Arabia by creating a new sub-group dubbed Abraham's Ax. Researchers also found a connection between Moses Staff and Abraham's Ax. Both rely on the same custom cryptographic wiper malware for encrypting the victim’s data. To stay p ... Read More

Copycat Criminals Mimicking Lockbit Ransomware Gang in Northern Europe

Despite not being the true LockBit Locker group, these micro criminals were still able to cause significant damage by encrypting a large number of internal files at SMBs in Belgium.

Defend Against Threats with Cyber Fusion

Cyware is the leading provider of cyber fusion solutions that power threat intelligence sharing , end-to-end automation and 360-degree threat response.

Trending Tags