Recent investigations indicate that despite concerted efforts to disrupt the TrickBot malware operations, its creators are adapting and evolving their tactics. A report from cybersecurity firm Netscout reveals that the authors of TrickBot have ported elements of their malicious code to Linux, broadening their potential target base. Initially identified in…
Mexican financial institutions are currently being targeted by a sophisticated spear-phishing campaign that deploys a modified variant of the open-source remote access trojan known as AllaKore RAT. This attack has been attributed to an unidentified financially motivated actor based in Latin America, with the campaign having been operational since at…
A newly emerged AI image creation startup has come under fire for leaving its database exposed, resulting in the unauthorized access of over a million user-generated images and videos. Alarmingly, the majority of the leaked content includes explicit material, with some instances involving minors. This breach raises significant concerns regarding…
Recent research indicates that a nation-state actor known for prolonged cyber espionage activities has transitioned to using coin mining techniques. This strategic shift, attributed to the hacking group Bismuth, is aimed at evading detection while ensuring persistence within the systems of their targets. The Microsoft 365 Defender Threat Intelligence Team…
A recent breakthrough in cybersecurity research reveals a significant vulnerability within air-gapped systems, which are designed to be isolated from unsecured networks. Researchers have successfully demonstrated a method for exfiltrating sensitive data using a novel attack called AIR-FI. This technique operates by leveraging electromagnetic emissions from the computer’s DDR SDRAM…
New Malspam Campaign Distributing Remote Access Trojan Posing as Trump Scandal Video Cybersecurity researchers have unveiled a new malspam operation that aims to spread a remote access Trojan (RAT) by leveraging sensational claims of a scandal involving U.S. President Donald Trump. The campaign has been linked to deceptive emails featuring…
The U.S. Department of Justice has brought charges against a Chinese hacker and an accomplice for their alleged involvement in the notorious 2015 data breach at Anthem, one of the largest health insurance companies in the nation, as well as three other yet-to-be-disclosed American firms. The indictment, which was made…
Mimecast Confirms Breach Linked to SolarWinds Cyberattack Mimecast, a prominent cloud-based email management provider, disclosed on Tuesday that a “sophisticated threat actor” had compromised one of its digital certificates integral to secure connections with Microsoft 365 Exchange. This alarming revelation emerged after Microsoft notified Mimecast of potential vulnerabilities. In response,…
In a recent development, cybersecurity researchers uncovered an ongoing surveillance initiative targeting Colombian government institutions and private enterprises within the energy and metallurgical sectors. This attack campaign, referred to as “Operation Spalax,” was detailed in a report released Tuesday by ESET, a Slovak cybersecurity firm. The operation first began in…
