Uncovering .NET Malware Obfuscated by Encryption and Virtualization

This article examines obfuscation techniques used in popular malware families, and offers some insights into possible opportunities for automating unpacking of these malware samples. Palo Alto researchers will examine these behaviors in samples we have observed, showing how to extract …

Philippines: 5.4M cyber attacks against government agencies deterred in 2024

The Department of Information and Communications Technology (DICT) was able to prevent over 5 million attempts to compromise the cybersecurity of several government agencies last year. “In 2024, the DICT automatically deterred approximately 5.4 million malicious attempts against 32 government …

The evolution of Dark Caracal tools: analysis of a campaign featuring Poco RAT

In early 2024, analysts at the Positive Technologies Expert Security Center (PT ESC) discovered a malicious sample. The cybersecurity community named it Poco RAT after the POCO libraries in its C++ codebase. At the time of its discovery, the sample …

JavaGhost’s Persistent Phishing Attacks From the Cloud

Unit 42 researchers have observed phishing activity that we track as TGR-UNK-0011. They assess with high confidence that this cluster overlaps with the threat actor group JavaGhost. The threat actor group JavaGhost has been active for over five years and …

UK: Cyber-attack sparks security fears over NHS provider’s data

The private healthcare group that will soon take charge of Swindon community care services has been hit by a cyber-attack. HCRG Care Group recently won the contract to provide care-at-home services in the Swindon area, which was previously managed by …

Winos 4.0 Spreads via Impersonation of Official Email to Target Users in Taiwan

In January 2025, FortiGuard Labs observed an attack that used Winos4.0, an advanced malware framework actively used in recent threat campaigns, to target companies in Taiwan. According to a report released in November 2024, Winos4.0 was distributed through gaming-related applications, …

PayPal’s “no-code checkout” abused by scammers

Malwarebytes Labs recently identified a new scam targeting PayPal customers with very convincing ads and pages. Crooks are abusing both Google and PayPal’s infrastructure in order to trick victims calling for assistance into speaking with fraudsters instead. Combining official-looking Google …

Ninth day of pro-Russia cyber attacks on Italian sites

A pro-Russian hacker group, Noname057(16), staged a new wave of cyberattacks against Italian websites on Tuesday, for the ninth consecutive morning, specifically targeting local administrations. The provinces of Trapani, Ragusa, Caltanissetta, Enna, the municipality of Catania and the Puglia region …