USB-based Wormable Malware Targets Windows Installer
Activity dubbed ‘Raspberry Robin’ uses Microsoft Standard Installer and other legitimate processes to communicate with threat actors and execute nefarious commands.
Credit: Red Canary
Wormable malware dubbed Raspberry Robin has been...
Emotet is Back From ‘Spring Break’ With New Nasty Tricks
The botnet appears to use a new delivery method for compromising Windows systems after Microsoft disables VBA macros by default.
Emotet malware attacks are back after a 10-month “spring break”...
Most Email Security Approaches Fail to Block Common Threats
A full 89 percent of organizations experienced one or more successful email breaches during the previous 12 months, translating into big-time costs.
An overwhelming number of security teams believe their...
‘CatalanGate’ Spyware Infections Tied to NSO Group
Citizen Lab uncovers multi-year campaign targeting the autonomous region of Spain called Catalonia.
An unknown zero-click exploit in Apple’s iMessage was used by Israel-based NSO Group to plant either Pegasus...
Cyberattackers Put the Pedal to the Medal: Podcast
Fortinet’s Derek Manky discusses the exponential increase in the speed at which attackers weaponize fresh vulnerabilities, where botnets and offensive automation fit in, and the ramifications for security teams.
Cyber-defenders...
Karakurt Ensnares Conti, Diavol Ransomware Groups in Its Web
Connections that show the cybercriminal teams are working together signal shifts in their respective tactics and an expansion of opportunities to target victims.
Researchers have found financial and technological links...
Feds: APTs Have Tools That Can Take Over Critical Infrastructure
Threat actors have developed custom modules to compromise various ICS devices as well as Windows workstations that pose an imminent threat, particularly to energy providers.
Threat actors have built and...
Menswear Brand Zegna Reveals Ransomware Attack
Accounting materials from the Italy-based luxury fashion house were leaked online by RansomExx because the company refused to pay.
High-end Italian fashion house Ermenegildo Zegna revealed on Monday that it...
Microsoft Takes Down Domains Used in Cyberattack Against Ukraine
APT28 (an advanced persistent threat group) has been operating since 2009 and has worked under different names such as Sofacy, Sednit, Strontium Storm, Fancy Bear, Iron Twilight, and Pawn.
Microsoft seized...
Google Play Bitten by Sharkbot Info-stealer ‘AV Solution’
Google removed six different malicious Android applications targeting mainly users in the U.K. and Italy that were installed about 15,000 times.
Researchers have found the info-stealing Android malware Sharkbot lurking...