Last week this publication covered how ransomware operations were exploiting recently disclosed and patched PaperCut server vulnerabilities. According to PaperCut, the vulnerabilities, if exploited, can allow for remote code execution. The company provided more information regarding the severi
According to a new report published by Elastic Security Labs, their security researchers discovered a new malware strain dubbed LOBSHOT. The discovery was made when researchers notices a spike a malvertising campaigns at the start of 2023, where threat actors distributed malware strains using an e
In March 2023, two vulnerabilities were patched in the PaperCut Application Server, both of which would allow a threat actor, if exploited, to perform unauthenticated remote code execution and information disclosure. In an advisory published by PaperCut, both vulnerabilities were described as
Following several reports from security firms, it appears that ransomware operators are abusing the remote monitoring and management (RMM) product Action1 RMM which is used by Managed Service Providers (MSPs) to manage endpoints on customer networks remotely. The software package allows patch
In a recently published report by security firm Check Point, a newly discovered ransomware is breaking new records for the fastest encryptor. That might be the headlining grabbing feature of Rorschach, but the malware’s developers have looked to use the best features from several other variants to c
Security researchers for the major telecommunications company AT&T have discovered a new variant of BlackGuard, a new info stealer that is gaining popularity with threat actors using underground hacking forums. This new variant is actively being distributed in the wild and boosts several new fe
On March 7, 2022, Bleeping Computer broke the news that Emotet activity had surged back to life and the malware was once again facilitating the sending of malicious spam emails. After a three-month break, the malware’s operators deemed it was time to ramp up operations once more from an all too bri
Recent news articles have shone a light on LockBit’s current operations which seem to be yielding results in encrypting data and putting a halt to several organizations' operations. The most recent of which is Essendant, a wholesale distributor of stationery and office supplies owned by Staples. The
Security firm Sentinel One just published a report detailing how a phishing campaign used to target victims in Eastern Europe is being used to deliver the Remcos RAT and DBateLoader malware strains. As with so many malware distribution campaigns, things kick off with a phishing email campaign, in th
Chinese advanced persistent threat group, APT27, also known as Bronze Union, Emissary Panda, Iron Tiger, Lucky Mouse, or TG-3390, is now developing Linux version of their custom malware payloads. The group is best known for its cyber espionage abilities by leveraging custom malware packages. With th