Keep your eyes on these

Security Articles

Threat Identification: Agent Tesla
DarkGate Loader
Pakistani APTs Escalate Attacks on Indian Government
Breaking Boundaries: Infiltration Beyond LATAM
Bumblebee Buzzes Back in Black
Analysis of Ongoing FROZEN#SHADOW Attack Campaign Leveraging SSLoad Malware and RMM Software for Domain Takeover
ASEAN Entities in the Spotlight: Chinese APT Group Targeting
First Known Attack Campaign Targeting AI Workloads Exploited In The Wild
Unplugging PlugX: Sinkholing the PlugX USB worm botnet
Malware Disguised as Installer from Korean Public Institution
Attack Using Fake Python Infrastructure
The ghost of TellYouThePass lingers
Ransomware Evolution | How Cheated Affiliates Are Recycling Victim Data for Profit
New espionage-focused campaign found targeting perimeter network devices
Black Hat SEO Leveraged to Distribute Malware
Threat Brief: Post-Exploitation Activity Related to CVE-2024-3400 (Updated April 24)
New Go loader pushes Rhadamanthys stealer
Bringing Access Back — Initial Access Brokers Exploit F5 BIG-IP (CVE-2023-46747) and ScreenConnect
MuddyWater campaign abusing Atera Agents
Sharp-Project: New Stealer Family on the Market
APT73/ERALEIG NEWS: UNVEILING NEW RANSOMWARE GROUP
New Scaly Wolf loader turned out to be unsuitable for attacks
GuptiMiner: Hijacking Antivirus Updates for Distributing Backdoors and Casual Mining
Suspected CoralRaider continues to expand victimology using three information stealers
Analyzing custom post-compromise tool for exploiting CVE-2022-38028 to obtain credentials
ToddyCat is making holes in your infrastructure
#StopRansomware: Akira Ransomware
Multi-level Dropbox commands and TutorialRAT behind APT43
UAC-0133 (Sandworm) plans for cyber sabotage on almost 20 objects of critical infrastructure of Ukraine
Large-Scale StrelaStealer Campaign in Early 2024
AcidPour | New Embedded Wiper Variant of AcidRain Appears in Ukraine
New details on TinyTurla’s post-compromise activity reveal full kill chain
New Sysrv Botnet Variant Makes Use of Google Subdomain to Spread XMRig Miner
Curious Serpens' Backdoor: Technical Analysis, Detection and Prevention
Redline Stealer: A Novel Approach
Analysis of Pupy RAT Used in Attacks Against Linux Systems
Ransomware: Dissecting the three heads
Threat Group Targets the U.S. Automotive Industry
DuneQuixote campaign targets Middle Eastern entities with malware
TeamCity Vulnerability Exploits Lead to Jasmin Ransomware, Other Malware Types
Mirai Nomi: A Botnet Leveraging DGA
ShadowSyndicate Group's Possible Exploitation Of Aiohttp Vulnerability (CVE-2024-23334)
Operation PhantomBlu: New and Evasive Method Delivers NetSupport RAT
Kapeka: A novel backdoor spotted in Eastern Europe
Spyware Targeting iOS Devices in Western Europe: Analysis of Capabilities
Malvertising campaign targeting IT teams with MadMxShell
CryptoWire with Decryption Key Included
Exploiting Korean Asset Management Solutions (MeshAgent)
The Fall of LabHost: Law Enforcement Shuts Down Phishing Service Provider