Tag Cobalt Strike

Gootkit RAT Leverages SEO Tactics for Malware Distribution via Compromised Websites

The Gootkit malware framework, which has been recognized for distributing banking Trojans, has recently undergone significant enhancements that enable it to deliver a broader spectrum of malicious software, including ransomware variants. According to researchers from Sophos, Gabor Szappanos and Andrew Brandt, the Gootkit malware family has been in existence for…

Hackers Take Advantage of Unpatched VPNs to Deploy Ransomware on Industrial Systems

Security experts have raised alarms regarding a series of targeted attacks aimed at unpatched Fortinet VPN devices, impacting industrial enterprises across Europe. These assaults are believed to have facilitated the deployment of a new ransomware variant known as “Cring” within corporate infrastructures. According to a report from cybersecurity firm Kaspersky,…

China’s Cyber Espionage Aimed at Southeast Asian Government Agencies

Recent investigations have unveiled a robust cyber campaign that initially targeted Myanmar but has since expanded its reach to include numerous organizations in the Philippines. This heightened activity was reported by Russian cybersecurity firm Kaspersky, which first detected these infections back in October 2020. Kaspersky associates this malicious activity with…

ShadowPad Malware is Gaining Popularity Among Chinese Espionage Groups

In recent developments, the notorious ShadowPad malware has continued to be utilized by various Chinese cyber threat groups since its emergence in 2017. This Windows backdoor allows attackers to deploy additional malicious modules or exfiltrate sensitive information, raising serious concerns among cybersecurity professionals. SentinelOne researchers Yi-Jhen Hsieh and Joey Chen…

Linux Deployment of Cobalt Strike Beacon for Global Organizational Targeting

On Monday, cybersecurity researchers unveiled the existence of a newly identified re-implementation of the notorious Cobalt Strike Beacon for both Linux and Windows operating systems. This variant, dubbed “Vermilion Strike,” has been actively targeting a range of sectors, including government, telecommunications, IT, and financial institutions. This advanced yet undetected penetration…

New Study Connects Unrelated Malware Attacks to Chinese Hackers

A recent report highlights the cyber espionage group APT41, tied to a series of malware campaigns that leverage COVID-themed phishing strategies to target individuals in India. This revelation comes from an analysis by the BlackBerry Research and Intelligence team, which has connected various aspects of the group’s operational infrastructure. According…

TrickBot Operators Collaborate with Shathak Attackers for Conti Ransomware Campaign

Recent intelligence reveals a troubling collaboration between the TrickBot Trojan operators and the Shathak threat group. This partnership aims to deliver various forms of malware, culminating in the deployment of Conti ransomware on compromised systems. This evolution highlights the sophistication of recent cybercrime tactics, signaling an increasing urgency for businesses…

Apache Log4j Vulnerability: Log4Shell Actively Under Widespread Attack

Recent cybersecurity developments have revealed that cybercriminals are actively exploiting the newly discovered “Log4Shell” vulnerability in the widely used Log4j library. This vulnerability has enabled attackers to exploit unpatched servers, allowing them to deploy cryptocurrency miners, utilize Cobalt Strike for additional malicious objectives, and integrate compromised devices into expanding botnets.…
