News • Insights • Analysis
Trend Micro observed a new attack vector of weaponization for the vulnerability CVE-2023-22527 using the Godzilla backdoor. Following initial exploitation, a loader was loaded into the Atlassian victim server which loads a Godzilla webshell. On January 16, 2024, Atlassian released a Read More …
Fortinet’s FortiGuard Labs recently caught a phishing campaign in the wild with a malicious Excel document attached to the phishing email. Fortinet researchers performed a deep analysis on the campaign and discovered that it delivers a new variant of Snake Read More …
In June 2024, Kaspersky discovered a macOS version of the HZ Rat backdoor targeting users of the enterprise messenger DingTalk and the social network and messaging platform WeChat. The samples Kaspersky found almost exactly replicate the functionality of the Windows Read More …
In March 2020 specialists from the PT Expert Security Center conducted an analysis on the activities of the APT group Higaisa. This group was first studied by security analysts at Tencent in November 2019. In that analysis, Tencent specialists reached Read More …
In the shadowy world of cybercrime, even the most cunning hackers can make blunders that expose their operations. In this article CPR describes the discovery of Styx Stealer, a new malware variant derived from the notorious Phemedrone Stealer. Check Point Read More …
FortiGuard Labs recently encountered an ongoing ValleyRAT campaign specifically targeting Chinese speakers. This malware has historically targeted e-commerce, finance, sales, and management enterprises. ValleyRAT is a multi-stage malware that utilizes diverse techniques to monitor and control its victims and deploy Read More …
Kaspersky Global Emergency Response Team (GERT) has identified a complex campaign, consisting of multiple sub-campaigns orchestrated by Russian-speaking cybercriminals. The sub-campaigns imitate legitimate projects, slightly modifying names and branding and using multiple social media accounts to increase their credibility. In Read More …
On June 20, 2024, Rapid7 identified multiple intrusion attempts by threat actors utilizing techniques, tactics, and procedures (TTPs) that are consistent with an ongoing social engineering campaign being tracked by Rapid7. The initial lure being utilized by the threat actors Read More …
Fake Angry IP Scanner will make you furious – or maybe remind you of how the Hive gang went about its banal business The latest malware from upstart criminal gang Hunters International appears to be targeting network admins, using malicious Read More …
In March 2024, Kaspersky researchers discovered a campaign targeting individuals in Russia with previously unseen Android spyware they dubbed LianSpy. Kaspersky analysis indicates that the malware has been active since July 2021. This threat is equipped to capture screencasts, exfiltrate Read More …
