Researchers Laid Bare Toolset Distribution Point of Mustang Panda

Avast uncovered a distribution point under the control of Mustang Panda APT that serves as temporary storage to exfiltrate tons of data on a daily basis. The dump includes documents, recordings, and webmail dumps including scans of the passports of individuals. Target regions are Asia, the US ...

Chinese Cyberespionage Hackers Using USB Devices to Infiltrate Entities in the Philippines

Mandiant, which is part of Google Cloud, is tracking the cluster under its uncategorized moniker UNC4191. An analysis of the artifacts used in the intrusions indicates that the campaign dates as far back as September 2021.

New ransomware attacks in Ukraine linked to Russian Sandworm hackers

Slovak software company ESET, which first spotted this wave of attacks, says the ransomware it named RansomBoggs has been found on the networks of multiple Ukrainian organizations.

Yanluowang Ransomware: The Hunter Becomes the Hunted

Trellix researchers analyzed thousands of leaked internal messages related to the Yanluowang group and revealed the group's inner workings, victims, and possible collaboration with other Russian ransomware groups.

Ducktail Group Brings New Arsenal and Evasion Tactics to Uplift Its Attack Game

WithSecure researchers have published an advisory about new developments of the Ducktail infostealer. The recent campaigns feature new tricks to spear-phish targets via WhatsApp.

Donut Leaks Now Targets Victims With Its Own Custom Ransomware Tool

BleepingComputer researchers have found new samples of an encryptor for Donut ransomware and confirmed that it is using its own customized ransomware in recent attacks.

Donut Extortion Group Found Targeting Victims with Custom Ransomware

This week, BleepingComputer found a sample of an encryptor for the Donut operation, aka D0nut, showing that the group is using its own customized ransomware for double-extortion attacks.

DEV-0569 Group Switches Tactics, Abuses Google Ads to Deliver Payloads

DEV-0569 uses a malware downloader, BatLoader, that drops the next stage payloads (via PowerShell commands), including Royal ransomware and Cobalt Strike Beacon implant.

Earth Preta Targets Multiple Sectors With Large-Scale Spear-Phishing

According to Trend Micro researchers, Earth Preta is targeting the government, academic, foundation, and research sectors in Myanmar, Australia, the Philippines, Japan, Taiwan, and other Asia Pacific countries.

Microsoft Warns of Cybercrime Group Delivering Royal Ransomware, Other Malware

The threat actor is relying on malware downloaders such as BatLoader, posing as legitimate installers or updates for software such as AnyDesk, Adobe Flash Player, Microsoft Teams, TeamViewer, and Zoom.
