SharkBot – A New Generation Android Banking Trojan
SharkBot is a “newer” Android banking trojan found recently being distributed on the Google Play Store. The trojan was originally found in October of 2021 by the Cleafy research team. The original...
ChromeLoader Attacking Chrome Browsers Worldwide – How to Protect Yourself
An attack campaign is underway spreading the notorious ChromeLoader malware hijacking Chrome browsers worldwide. Aedan Russell, a security researcher from Red Canary, is reporting a sudden, unexpected...
New Malware Targeting Windows Subsystem for Linux
New threats are on the rise with operating systems becoming increasingly interoperable. Corporate environments using Windows Subsystem for Linux (WSL) need to be wary. Black Lotus Labs has discovered...
LuoYu Hacker Collective using New Techniques to Deploy WinDealer Backdoor
Researchers at Kaspersky Labs have discovered a new attack by Advanced persistent threat (APT) actor LuoYu utilizing the known malware WinDealer. WinDealer has the unique ability to perform attacks via...
Emotet Banking Trojan Re-Emerges After Take Down by Law Enforcement
Botnet Emotet has re-emerged after being taken down by a multinational joint task force operation in January 2021. The developers behind Emotet have been given credit as one of the first organizations...
State-sponsored Iranian Hackers utilize .NET DNS Backdoor in new Attack
An Advanced Persistent Threat (APT) hacking group based out of Iran going by the name Lycaeum has been seen using a .NET-based DNS backdoor to target organizations within the telecommunication and...
BlackCat Ransomware aka “ALPHV” infections on the rise
As the ransomware-as-a-service (RaaS) industry grows, more ransomware players come into the mix. BlackCat, also known as ALPHV, is a growing ransomware threat with the ability to target multiple...
Syslogk Linux Rootkit triggers with magic packets
Avast researchers have spotted a Linux rootkit that has the ability to hide malicious processes. The new Linux rootkit, called Syslogk, works by using magic packets to activate a dormant backdoor on...
BlueSky Ransomware Infects KMSAuto Activator users
A financially motivated threat actor has been discovered spreading a new ransomware strain, dubbed BlueSky. The group is believed to be connected to the Conti ransomware group. CloudSEK’s AI digital...
Fake ChatGPT websites are popping up and spreading malware
It was only a matter of time before hackers would start using the growing popularity of ChatGPT to spread malware and steal sensitive personal information. Recently, multiple security firms have...
Update-resistant malware infects SonicWall security appliances
Researchers have discovered that threat actors linked to the Chinese government are using malware to infect SonicWall’s Secure Mobile Access 100, a popular security appliance, which remains active even...
The Emotet botnet returns and is sending a slew of malicious emails
The notorious Emotet botnet, considered one of the biggest threats to internet security, has resurfaced after a prolonged hiatus, armed with new tactics. The botnet’s trademark strategy of sending spam...
NetWire RAT seized by FBI and other worldwide police agencies
The FBI, in partnership with several police agencies worldwide, has carried out an international law enforcement operation resulting in the arrest of a suspected administrator of the NetWire remote...
Emotet now utilizing OneNote for its spam campaigns
The infamous Emotet malware has adopted a new tactic to spread its infection. Cybercriminals are now distributing the malware via email attachments in Microsoft OneNote format. The move is a calculated...
Major Security Flaw in Google Unveiled: Persistent Cookie Exploit Allows...
CloudSEK’s threat research team has recently brought to light a critical exploit impacting various Google services. This exploit allows threat actors to perpetually generate Google cookies, ensuring...
Capital Health Faces Cyberattack: LockBit Threatens Data Leak
Healthcare crisis as cyberattack rocks Capital Health. LockBit gang demands $250K after stealing 10M sensitive files.
Exploitation of CVE-2023-36025 Unveils Phemedrone Stealer Malware
Phemedrone Stealer Unleashes Advanced Tactics: Second Stage Extraction, Exfiltration Mastery, and Persistent Exploitation Despite CVE Patch.
Ransomware Attacks up 128% in 2023
Ransomware surged 128.17% in 2023, hitting 4191 victims. USA tops targets. LockBit leads with 66 groups, 59% victims.
Medusa Ransomware Hits Kansas City Area Transportation Authority (KCATA)
A cyber nightmare engulfs KCATA as the Medusa ransomware gang strikes, demanding a $2 million ransom. Operations disrupted, data breach fears escalate.
New Chinese Malware “Coathanger” Discovered Targeting FortiGate Devices
Dutch intelligence uncovers Coathanger malware deployed by Chinese government targeting FortiGate devices in wider political espionage campaign.