Microsoft Flags Attack Targeting SQL Servers With Novel Approach
Microsoft Security Intelligence this week tweeted a warning about an attack campaign targeting SQL servers and using a new approach to evade PowerShell monitoring.
Instead of PowerShell, these threat actors are using sqlps.exe, a utility...
Phishing Attacks for Initial Access Surged 54% in Q1
Threat actors doubled down on their use of phishing emails as an initial attack vector during the first quarter of 2022 — and in many cases then used that access to...
Pro-Russian Information Operations Escalate in Ukraine War
In March, in the middle of Russia's invasion of Ukraine, a video surfaced that showed Ukraine's President Volodymyr Zelensky announcing his country's surrender to the Russian forces. Another story...
Partial Patching Still Provides Strong Protection Against APTs
Analysis has surfaced what many would consider a surprising insight: Organizations that always update to the newest versions of all of their software have roughly the same risk of being...
How vx-underground is building a hacker’s dream library
Editor’s Note: When malware repository vx-underground launched in 2019, it hardly made a splash in the hacking world. “I had no success really,” said its founder, who goes by...
Russian Group Sandworm Foiled in Attempt to Disrupt Ukraine Power Grid
Ukraine's computer emergency response team (CERT-UA), in collaboration with researchers from ESET and Microsoft, last week foiled a cyberattack on an energy company that would have disconnected several high-voltage...
Credential-stealing malware disguises itself as Telegram, targets social media users
Spyware.FFDroider is an information stealer that exfiltrates browser data in an attempt to steal credentials and valid session cookies.
A credential-stealing Windows-based malware, Spyware.FFDroider, is after social media credentials...
Microsoft Sinkholes Russian Hacking Group’s Domains Targeting Ukraine
Microsoft this week commandeered seven domains being used by the Russian GRU nation-state hacking team known as Fancy Bear or Strontium to thwart the advanced persistent threat (APT) group...
Google Removes Dangerous Banking Malware From Play Store
A dangerous Android banking Trojan called SharkBot that first surfaced last October and continues to circulate in the wild is the latest example of threat actor persistence in trying...
BlackCat Purveyor Shows Ransomware Operators Have 9 Lives
A ransomware group boasting its members come from now-shuttered groups BlackMatter and REvil has emerged from the shadows to launch a new ransomware-as-a-service, already attacking an enterprise resource planning...