Cybercriminal group TA551 was found hijacking an ongoing email conversation to spread information-stealing malware such as Ursnif, Valak, and IcedID, Palo Alto Networks revealed.

A sophisticated group is using a webshell called BumbleBee in an ongoing xHunt campaign targeting Microsoft Exchange servers at Kuwaiti organizations.

The cyber landscape has recently encountered many new variants of trojans. Since many trojans are now offered for sale or rent on dark web forums, it enables such attack campaigns to grow rapidly.

Researchers have pointed out that several cyber gangs have started targeting Linux machines via a fileless malware installation technique that was more commonly used against Windows-based systems.

The year 2020 was characterized by chaotic change, and unfortunately, cybersecurity threats were a part of that as many organizations everywhere faced a constantly shifting set of risks.

In the wake of several recent attacks, the adoption of ransomware tactics points to the fact that these APT groups are aiming for financial gains as these attacks don’t count as espionage targets.

The developers of one of the infamous information-stealers in the malware landscape have added a third stage to its process of compromising systems, along with more encryption, as a way to escape detection. 

A security firm tracked tens and thousands of malware C&C servers used across over 80 malware families; more than a quarter of all the servers used Cobalt Strike and Metasploit.

A recent FBI advisory urges all private sector organizations to be on the alert for potential malicious activities from the threat actors behind Egregor ransomware.

Researchers have linked recent TeamTNT botnet activity to extraction and stealing of Docker and AWS credentials. Previously, it would mine cryptocurrency only on misconfigured container platforms.