Advanced Intel's Yelisey Boguslavskiy told BleepingComputer that instead of rebranding as another large ransomware operation, the Conti leadership has instead partnered with other smaller ransomware gangs to conduct attacks.

The North Korean hacking group known as Lazarus is exploiting the Log4J remote code execution vulnerability to inject backdoors that fetch information-stealing payloads on VMware Horizon servers.

The Space Pirates APT group has been seen targeting government agencies and enterprises involved in IT services, aerospace, and electric power industries located in Russia, Georgia, and Mongolia.

Cisco Talos revealed an ongoing campaign operated by the APT actor since August 2021. The campaign has been launched against an elite unit of the Bangladeshi government via spear-phishing emails.

Chinese APT Override Panda, aka Naikon, was found launching new phishing attacks to collect intelligence from ASEAN members to steal sensitive data. The recent campaign uses a weaponized Office document to start the infection kill chain. Organizations are suggested to focus on protecting their sens ... Read More

PRODAFT says that Wizard Spider focuses on compromising enterprise networks and "has a significant presence in almost every developed country in the world, and many emerging economies as well."

Iran-linked Cobalt Mirage, aka Charming Kitten, is allegedly targeting organizations in the U.S., Israel, Europe, and Australia and dropping BitLocker and DiskCryptor strains. Hackers mark initial access by scanning internet-facing servers exposed to publicized flaws in Fortinet appliances and Exch ... Read More

Killnet hackers have announced global cyberattacks against a number of countries - including the UK, US, Germany, Italy, Latvia, Romania, Lithuania, Estonia, Poland, and Ukraine - for standing up to Vladimir Putin's war in Ukraine.

Researchers have detailed a string of cyberattacks involving ransomware which took place in early 2022 to an Iranian hacking group they refer to as Cobalt Mirage – also known as APT35, Charming Kitten, Phosphorus, and TA453 by other research groups.

SideWinder's operatives even ran two versions of its obfuscation techniques over several months, and appear to have migrated from an older and less stealthy version to its current malware.