News • Insights • Analysis
In late August 2024, Kaspersky researchers attention was drawn to a Spotify mod called Spotify Plus, version 18.9.40.5. At the time of writing this, the mod could be downloaded from spotiplus[.]xyz and several related sites that linked to it. The Read More …
Unit 42 researchers have been tracking the activity of an ongoing poisoned Python packages campaign delivering Linux and macOS backdoors via infected Python software packages. Unit 42 researchers named these infected software packages PondRAT. They’ve also found Linux variants of Read More …
The Justice Department today announced a court-authorized law enforcement operation that disrupted a botnet consisting of more than 200,000 consumer devices in the United States and worldwide. As described in court documents unsealed in the Western District of Pennsylvania, the Read More …
In July 2024, Kaspersky researchers discovered the previously unknown Loki backdoor, which was used in a series of targeted attacks. By analyzing the malicious file and open sources, we determined that Loki is a private version of an agent for the Read More …
Intellexa Group’s Predator spyware has experienced a resurgence in activity following a decline spurred by sanctions imposed by the Biden administration, reports The Record, a news site by cybersecurity firm Recorded Future. Angola and the Democratic Republic of Congo, which Read More …
BI.ZONE Threat Intelligence reports an increase in criminal activity employing commercial malware available on underground resources. Recently, the researchers identified a malicious campaign by a cluster later dubbed Stone Wolf. The adversaries send out phishing emails on behalf of a Read More …
Cities and counties are beefing up their IT security, and that makes sense, says Augustine Boateng, interim chief information officer (CIO) in Memphis, Tenn. “It’s important to note that local governments have developed a reputation over the years for having Read More …
The sale and purchase of unauthorized access to compromised enterprise networks has become a linchpin for cybercriminal operations, particularly in facilitating ransomware attacks. Underground forums are sharing guidelines on breaching networks and selling the access they obtain, leaving the exploitation Read More …
Fake Angry IP Scanner will make you furious – or maybe remind you of how the Hive gang went about its banal business The latest malware from upstart criminal gang Hunters International appears to be targeting network admins, using malicious Read More …
Windows and macOS machines alike have been hit by malware after notorious Chinese hacker group StormBamboo used a compromised internet service provider (ISP) to target organizations with poisoned DNS responses. StormBamboo used altered DNS query responses tied to automatic update Read More …
