DragonRank Leverages IIS Servers using BadIIS Malware for Fraudulent SEO and Redirecting to Gambling Sites
Malicious entities have been detected focusing on Internet Information Services (IIS) servers in the Asian region in an effort to...
observed
Hackers from XE Group Utilize VeraCore Zero-Day Vulnerability to Install Enduring Web Shells
Malicious individuals have been seen taking advantage of several vulnerabilities in different software solutions, such as Progress Telerik UI for...
Malicious Hackers Utilizing SimpleHelp RMM Vulnerabilities for Continual Entry and Ransomware
Recent reports indicate bad actors are taking advantage of newly revealed weaknesses in SimpleHelp's Remote Monitoring and Management (RMM) platform...
Kimsuky, a nation-state hacking group associated with North Korea, utilizes the forceCopy virus to pilfer credentials stored in web browsers
Recent discoveries from the Security Intelligence Center at AhnLab have revealed that the hacking collective Kimsuky has been engaged in...
AsyncRAT Campaign Uses Python Payloads and TryCloudflare Tunnels for Stealth Attacks
Python-focused Attack Scheme Deploys AsyncRAT through TryCloudflare TunnelsAn instance of malicious activity has been detected around the deployment of a...
Latest Aquabot Botnet Takes Advantage of CVE-2024-41710 in Mitel Telephones for DDoS Assaults
An Aquabot iteration of Mirai botnet has been identified actively trying to utilize a moderate-risk vulnerability affecting Mitel telephones to...
Exploring Lumma Stealer’s Delivery Through GitHub-Based Approach with Managed Detection and Response
This campaign's observed strategies closely correspond to those associated with the threat faction Stargazer Goblin, albeit with noticeable disparities in...
React Admin Panel Enables Lazarus Group to Manage Worldwide Cyber Offensives
Recent sightings reveal that the Lazarus Group, a prominent threat entity from North Korea, is utilizing a "browser-based control center"...
UAC-0063 Broadens Cyber Offensives on European Diplomatic Missions Through Pilfered Records
The sophisticated continuous threat (SCT) faction recognized as UAC-0063 has been identified utilizing authorized paperwork acquired through breaching one target...
Imitation by GamaCopy Resembles Gamaredon’s Strategies in Cyber Espionage Aimed at Russian Organizations
An unidentified threat actor has been identified replicating the techniques linked to the Kremlin-affiliated Gamaredon cybercrime group in their attacks...
Cybercriminals Conceal Malicious Software in Pictures to Distribute VIP Keylogger and 0bj3ctivity Stealer
Malicious groups have been detected hiding harmful scripts in images to disseminate malware like VIP Keylogger and 0bj3ctivity Stealer in...
VBCloud Malware Unleashed by Cloud Atlas: Majority of Victims Detected in Russia
Cloud Atlas, a threat actor, has recently been identified deploying a new malware named VBCloud in its cyber assault operations...
Iran’s Lovely Feline Launches BellaCPP: A Fresh C++ Version of BellaCiao Malware
Charming Kitten, the nation-state hacking group from Iran, has been detected utilizing a C++ iteration of the popular BellaCiao malware....
Many People Installing Fake npm Packages Pretending to be Authentic Tools
Malicious individuals have been seen uploading deceptive alternatives of legitimate npm bundles like eslint-typescript and @types/node that have accumulated a...
Rogue RDP Servers and PyRDP: Preferred Tools of APT29 in Targeting High-Profile Victims
APT29, a threat actor associated with Russia, has recently been identified utilizing an unconventional strategy in cyber operations against valuable...
