TeslaGun Primed to Blast a New Wave of Backdoor Cyberattacks
A newly discovered cyberattack panel dubbed TeslaGun is being used by Evil Corp to run ServHelper backdoor campaigns.
Data gleaned from an analysis by the Prodaft Threat Intelligence (PTI) team shows the Evil...
Mysterious ‘Worok’ Group Launches Spy Effort With Obfuscated Code, Private Tools
A relatively new cyber-espionage group is using an intriguing custom arsenal of tools and techniques to compromise companies and governments in Southeast Asia, the Middle East, and southern Africa,...
Defenders Be Prepared: Cyberattacks Surge Against Linux Amid Cloud Migration
Linux may not quite stack up to Windows when it comes to the raw number of attacks against systems running the operating system, but threat actor interest in Linux-based...
EvilProxy Commodifies Reverse-Proxy Tactic for Phishing, Bypassing 2FA
A phishing-as-a-service offering being sold on the Dark Web uses a tactic that can turn a user session into a proxy to bypass two-factor authentication (2FA), researchers have found.
The...
Critical QNAP NAS Zero-Day Bug Exploited to Deliver DeadBolt Ransomware
A critical zero-day security vulnerability in QNAP's network-attached storage (NAS) devices has been actively exploited in the wild to deliver the DeadBolt ransomware variant.
The vendor warned that the...
An interview with Ukrainian hacker ‘Herm1t’ on countering pro-Kremlin attacks
Editor’s Note: Andrey Baranovich, who is known online as “Herm1t,” spent much of the ’90s and ’00s chronicling the history of malware development on a site known in the...
Ragnar Locker Brags About TAP Air Portugal Breach
Despite TAP Air Portugal's claims that a recent cyberattack was stopped and no airline customer data was compromised, the Ragnar Locker ransomware gang posted on its leak site that it's got...
The Makings of a Successful Threat-Hunting Program
Over the last few years, an influx of high-profile industry security issues has placed offensive tactics among the top priorities for corporations to help mitigate the risk of...
Raspberry Robin Malware Connected to Russian Evil Corp Gang
Raspberry Robin, a widespread USB-based worm that acts as a loader for other malware, has significant similarities to the Dridex malware loader, meaning that it can be traced back...
Researchers Spot Snowballing BianLian Ransomware Gang Activity
A new player to the ransomware space called BianLian is ramping up activity, and has already targeted organizations in Australia, North America, and the United Kingdom.
According to an advisory...







