Researchers identified a threat actor targeting multiple organizations including large universities and high schools in the U.S., along with high-tech organizations in Belgium.

An APT group based out of Iran is actively targeting Iranian users to deliver MarkiRAT that records keystrokes and clipboard content. Two suspicious documents related to it were uploaded to VirusTotal. It appears attackers are trying to enhance their arsenal with new tools to make their attack ... Read More

Users and security experts have uncovered a scam involving the delivery of fake replacement Ledger devices to customers to steal cryptocurrency. Customers using Ledger devices are recommended to beware of any unwanted email, package, or text.

In a recent report, Nuspire revealed that attacks against Fortinet’s SSL-VPN had jumped to 1,916% in the first quarter of 2021. It was also identified that there was a 1,527% spike in attacks against Pulse Secure VPN.

The APT group is capable of stealing victims’ system information, take screenshots, and write, move, or delete files. A subset of the victims were targeted with data collection executables that sought out removable media.

Researchers took the wraps off the operators of the Hades ransomware as they came across a new adversary group Gold Winter, whose behavior coincides with the former. The recent finding suggests that threat actors may be deliberately trying to find ways to look different or evolve their attack techn ... Read More

Experts are concerned as the source code of the .NET version of Paradise ransomware was found to have been leaked on a hacker forum. Such leaks could prove to be devastating as any interested attacker can create their own ransomware version to target victims. 

The Avaddon ransomware gang has shared 2,934 decryption keys , with Bleeping Computer, shrouded in an anonymous tip pretending to be from the FBI. The team soon shared it with Emsisoft, who confirmed the legitimacy of the keys.

Cryptocurrencies are an extortionist’s dream come true. It is very difficult to trace adversaries based on bitcoin addresses. Moreover, bitcoin has become essential on the dark web as it is easy to acquire and use.

Attackers behind SolarMarker were spotted using SEO keywords in PDF documents to boost the visibility of malicious links on search engines. A misled victim can be robbed of their personal data and credentials from browsers. Therefore, security professionals need to keep a strict eye on this evolvin ... Read More