October 22, 2021

DarkSide Ransomware Gang Moves Bitcoin Reserves After REvil Got Hit by Law Enforcement Action

The operators of the DarkSide and BlackMatter ransomware strains have moved a large chunk of their Bitcoin reserves after news broke that REvil was hit by a law enforcement takedown.

Evil Corp Rebrands Their Ransomware to Macaw Locker to Evade US Sanctions

The Macaw Locker ransomware encrypts victims’ files and appends the .macaw extension to the file names of the encrypted files. It drops ransom notes with a link to a unique victim negotiation page.

Financially Motivated Hacking Gang Creates Fake Firm to Hire Pentesters for Ransomware Attacks

The FIN7 hacking group is attempting to join the highly profitable ransomware space by creating fake cybersecurity companies that conduct network attacks under the guise of pentesting.

Ransomware Operators Adopting New Franchise Business Model

Trend Micro has uncovered a new franchise RaaS model, evincing deep connections between XingLocker, AstroLocker Team, and Mount Locker, which is at the top of the hierarchy. Researchers observed a typical distribution of resources among the malware, pointing towards the use of a shared infrastructu ...
October 21, 2021

Cybercriminals Exploit the Discord CDN to Deliver 27 Unique Types of Malware

Discord, a popular VoIP, instant messaging, and digital distribution platform used by 140 million people in 2021, is being abused by cybercriminals to deploy malware files.
October 20, 2021

Hackers are Disguising Malicious JavaScript Code Using Packers to Bypass Signature-based Detection Systems

Packers work by compressing or encrypting code to make that code unreadable and non-debuggable — resulting in 'obfuscated' code that is difficult for antivirus to detect.

TA505 Gang Returns with Newly Polished FlawedGrace RAT in Malspam Campaign

The TA505 cybercrime group is upping its financially motivated attacks, shooting malware at a range of industries in a wave of email-based attacks that surged late last month.

Previously Unknown State-Sponsored Actor Uses Custom Malware to Target Telecom Providers and IT Firms

The goal of the group, tracked as Harvester by researchers at Symantec who spotted it, is to collect intelligence in highly targeted espionage campaigns focusing on IT, telecom, and government entities.

TeamTNT Threat Group Deploys Malicious Docker Image on Docker Hub to Distribute Hacking Tools

The malicious Docker image was hosted in Docker Hub under the handle name alpineos, a community user who joined Docker Hub on May 26, 2021. Reportedly, the profile was hosting 25 Docker images.

U.S. and Israeli Defense Tech Firms Targeted by Iranian Actors

Iran-linked hackers were found conducting extensive password spraying attacks against Office 365 accounts of defense technology and global maritime firms in the U.S. and Israel. The group attempts to gain access to commercial satellite imagery and proprietary shipping plans/logs. Microsoft notifie ...
