A sophisticated phishing attack has emerged, delivering the AsyncRAT trojan as part of a malware campaign believed to have started in September 2021. This campaign has raised significant concerns among cybersecurity experts due to its innovative approach and potential for widespread damage. According to Michael Dereviashkin, a security researcher at…
Scattered Lapsus$ Hunters, a notable threat group previously linked to significant data breaches, has announced that it has compromised more than one billion records from Salesforce environments across the globe. This alarming disclosure highlights the evolving complexity of cyber threats faced by organizations relying on cloud services for operational efficiency.…
New Malware Exposed as Iranian APT Group Targets Global Networks Cybersecurity agencies from the United States and the United Kingdom have revealed new malware attributed to the Iranian government-sponsored advanced persistent threat (APT) group known as MuddyWater. This malware is reported to facilitate attacks against both government and commercial networks…
A Hive ransomware incident recently targeted an unspecified organization, leveraging vulnerabilities in Microsoft Exchange Server known as “ProxyShell” to conduct a swift attack that culminated in network encryption within 72 hours of initial compromise. This information was shared by Nadav Ovadia, a security researcher from Varonis, in a detailed post-mortem…
Microsoft recently announced that it has taken action to mitigate harmful activities linked to a previously unidentified hacker group known as Polonium. This group has been exploiting OneDrive for malicious purposes, prompting Microsoft to intervene. In addition to terminating the accounts connected to this Lebanon-based group, the Microsoft Threat Intelligence…
Recent findings from cybersecurity firm Silent Push indicate that Russian ransomware groups have introduced a sophisticated new threat known as CountLoader. This malware is not merely a conventional virus; it functions as a loader, specifically designed to infiltrate devices and install more dangerous software, including ransomware. CountLoader serves as a…
The Computer Emergency Response Team of Ukraine (CERT-UA) has issued an alert concerning a resurgence in cyber activity from the organized criminal group known as UAC-0173. This group is reportedly employing a remote access trojan called DCRat (also referred to as DarkCrystal RAT) to infiltrate systems. This recent campaign, which…
Recent investigations have revealed a sophisticated malware campaign deploying a remote access trojan (RAT) called AsyncRAT, utilizing Python payloads and TryCloudflare tunnels for distribution. Forcepoint X-Labs researcher Jyotika Singh indicated that AsyncRAT capitalizes on the async/await programming model, allowing attackers to covertly access and manipulate infected systems, exfiltrate data, and…
A new variant of the Snake Keylogger is intensifying its malicious activities, primarily targeting Windows users in countries including China, Turkey, Indonesia, Taiwan, and Spain. According to Fortinet FortiGuard Labs, this malware has been linked to over 280 million blocked infection attempts globally since the beginning of the year. Snake…
