Security analysts spotted two new variants of the Nokoyawa and Chaos ransomware, in two separate reports. The Chaos variant, named Yashma, includes two new improvements: the ability to stop execution on the basis of a victim's location and stop different running processes linked with antivirus a ...
Microsoft found that scammers are using image files with a hidden malicious PHP script to manipulate e-commerce checkout pages and capture payment card details in their latest attack campaigns. The attackers are obfuscating their code snippets, injecting them into image files, and masquerading as w ...
Cyble researchers spotted a malware campaign targeting the infosec community via fake PoC exploit code for an RPC Runtime RCE flaw. The fake exploit was distributed via GitHub. By attacking the infosec community, attackers are probably trying to gain access to vulnerability research or steal other p ...
A new attack observed by Trustwave starts with a chatbot-like page that attempts to establish communication and trust with the target instead of directly sending an embedded link.
The cybercrime operation states that it does not use any ransomware and focuses on network infiltration by abusing vulnerabilities. The attackers focus primarily on data exfiltration and do not build any encryption modules.
The targeted attack, dubbed Twisted Panda, has been going on since at least June 2021 and spied on at least two Russian defense research institutes and another unknown target in Belarus.
Sonatype warns developers against malicious packages in the PyPI registry that were planted by cybercriminals to perform supply chain attacks by deploying Cobalt Strike beacons and backdoors on Windows, macOS, and Linux systems. It could provide hackers initial access to the developer's network for ...
First detected in 2017, Wizard Spider has come a long way. A recent investigation by Prodaft revealed that the gang is one of the wealthiest, with assets exceeding hundreds of millions of dollars.
WordPress researchers unearthed a set of flaws in the Jupiter Theme and JupiterX Core plugins for the WordPress CMS, including a high-severity flaw that allows a third party to gain administrative privileges and completely take over a live site. Users are recommended to keep their machines up-to-da ...
Microsoft uncovered a malicious campaign targeting SQL servers using malware dubbed SuspSQLUsage. Attackers leverage a built-in PowerShell binary to achieve persistence on compromised systems. However, for initial compromise, they rely on brute-force tactics. It is recommended to monitor for ...