Did 4 Major Ransomware Groups Truly Form a Cartel?
An analysis of well-known extortion groups and their cryptocurrency transactions reveals the answer.A collection of ransomware groups that banded together to create a "cartel" rarely collaborate and don't share...
Fraudsters Use HTML Legos to Evade Detection in Phishing Attack
Enterprise VulnerabilitiesFrom DHS/US-CERT's National Vulnerability Database
CVE-2021-29221PUBLISHED: 2021-04-09
A local privilege escalation vulnerability was discovered in Erlang/OTP prior to version 23.2.3. By adding files to an existing installation's directory, a local...
Zoom Joins Microsoft Teams on List of Enterprise Tools Hacked at Pwn2Own
White-hat hacking event shows yet again why there's no such thing as foolproof security against modern attacks.A pair of security researchers at the virtual Pwn2Own hacking contest Wednesday exploited...
Top 8 Phishing Attacks of 2021
Top 8 Phishing Attacks of 2021 (Q1) and Advice for SMBs and MSPs
To wrap up the 1st Quarter of 2021 the CEO at HacWare, Tiffany Ricks, wanted to recap...
Aurora campaign: Attacking Azerbaijan using multiple RATs
We identified a new Python-based RAT targeting Azerbaijan from the same threat actor we profiled a month ago.
This post was authored by Hossein Jazi
As tensions between Azerbaijan and...
New steganography attack targets Azerbaijan
A lure document targeting Azerbaijan uses steganography to conceal a remote administration Trojan.
This blog post was authored by Hossein Jazi
Threat actors often vary their techniques to thwart security...
Attackers Turn Struggling Software Projects Into Trojan Horses
While access to compromised systems has become an increasingly common service, some cybercriminals are going straight to the source: buying code bases and then updating the application with malicious...
North Korea’s Lazarus Group Expands to Stealing Defense Secrets
Several gigabytes of sensitive data stolen from one restricted network, with organizations in more than 12 countries impacted, Kaspersky says.The Lazarus Group, North Korea's advanced persistent threat (APT) actor,...
Microsoft Releases Free Tool for Hunting SolarWinds Malware
Meanwhile, researchers at SecurityScorecard say the "fileless" malware loader in the attack - Teardrop - actually dates back to 2017.Organizations investigating whether they are victims of — or are still...
61% of Malware Delivered via Cloud Apps: Report
Researchers report the majority of malware is now delivered via cloud applications - a jump from 48% last year.Most (61%) malware is now delivered via cloud applications, researchers report...
