Conti Ransomware: The History Behind One of the World’s Most Aggressive RaaS Groups

The Conti ransomware group has become one of the most notorious cybercrime collectives in the world, known for its aggressive tactics and large-scale attacks against a wide range of public and private organizations.

Tracking Earth Aughisky’s Malware and Changes

As Earth Aughisky (aka Taidoor) is one of the few APT groups that has exercised longevity in cyberespionage, security teams continue to gather data to evaluate its skills, developments, and relations with other APT groups and their activities.

Witchetty Group Uses Steganography To Target Middle East Entities

Witchetty Group Uses Steganography To Target Middle East Entities - Cybersecurity news - Threat Actors
In an ongoing cyberespionage campaign, hacking group Witchetty has been found targeting two governments in the Middle East and a stock exchange in Africa. Among the new tools used by the group is a backdoor named Stegmap. The malware is distributed via the rarely used steganography technique.

'Water Labbu' Group Abuses Malicious Decentralized Apps to Steal Cryptocurrency

In a parasitic manner, the threat actor compromised the websites of other scammers posing as a decentralized application (DApp) and injected malicious JavaScript code into them.

Analysis of DeftTorero TTPs in 2019–2021

During the intrusion analysis of DeftTorero’s webshells, researchers noted traces suggesting that the threat actor exploited a file upload form and/or a command injection flaw in a functional or staging website hosted on the target web server.

Lazarus HHackers Abuse Dell Driver Bug Using New FudModule Rootkit

The spear-phishing campaign unfolded in the autumn of 2021, and the confirmed targets include an aerospace expert in the Netherlands and a political journalist in Belgium.

Update: Vice Society raises ransomware pressure on Los Angeles school district

The threat, which was discovered and published on Twitter by Brett Callow from Emsisoft, effectively gives the Los Angeles school district less than four days to respond. Vice Society did not include any details about the data it plans to publish.
September 30, 2022

North Korean State-backed Hackers Found Rigging Legit Open-Source Software with Malware

The hackers, a sub-group of Lazarus called ZINC, are weaponizing a wide range of open-source software including PuTTY, KiTTY, TightVNC, Sumatra PDF Reader, and muPDF/Subliminal Recording software installers in a new wave of malware attacks.
September 30, 2022

‘Witchetty’ Group Targeted Middle Eastern Governments, Stock Exchange of African Nation

A cyber espionage group is targeting the governments of several Middle Eastern nations and has previously attacked the stock exchange of an African country, using malware to steal troves of data.

North Korea's Lazarus Hackers Targeting macOS Users Interested in Crypto Jobs

In the latest variant of the campaign observed by cybersecurity company SentinelOne last week, decoy documents advertising positions for the Singapore-based cryptocurrency exchange firm

Defend Against Threats with Cyber Fusion

Cyware is the leading provider of cyber fusion solutions that power threat intelligence sharing , end-to-end automation and 360-degree threat response.

Trending Tags