Kaspersky Labs just recently published a report detailing a link between the Tomiris backdoor and the threat actors behind the SolarWinds attack that occurred towards the end of 2020. In summary, the backdoor closely resembles another piece of malware deployed by DarkHalo, SunShuttle, as well as sim
This week has seen the announcement of two separate campaigns infecting Android users with some form trojan malware. The first incident involves the discovery of a new trojan, called GriftHorse, while the second trojan distribution campaign involves an offshoot of the infamous Cerberus banking troja
Security firm eSentire published an article detailing an odd ransomware incident. In summary, the incident is odd as it used advanced techniques to gain initial access and compromise the target’s network. However, the ransomware dropped, Hello, is regarded as fairly unsophisticated. This provided re
The Cybersecurity and Infrastructure Security Agency (CISA) recently published an advisory regarding the Conti ransomware. The advisory provides a comprehensive analysis of techniques used by the ransomware gang in the past and present. The advisory also noted that the Federal Bureau of Investigatio
According to research published by Microsoft, a new threat actor has been attacking developers by exploiting a vulnerability in MSHTML, tracked as CVE-2021-40444, which has been patched. Developers familiar with or use MSHTML should ensure that the patch has been installed. Microsoft describes that
It was nearly Christmas 2015 when Juniper released a statement warning customers that it had discovered unauthorized code that allowed hackers to decipher encrypted communications and gain high-level access to customers’ machines that used a popular product developed by the company. The exact wordin
At the start of this year, researchers looked back on 2020 and discovered it was a boom year for DDoS attacks. Now, Russian Internet giant Yandex is battling the biggest DDoS attack on record and a new Botnet may be the infrastructure powering this record-breaking attack. Giving the attack method i
Also known as REvil, and sometimes referred to as the Crown Prince of Ransomware, Sodinokibi has long been the thorn in the side of large enterprises and a headline maker. This year alone those behind the ransomware were responsible for both the JBS incident and the Kaseya incident. The latter promp
Microsoft security researchers have recently published an article detailing a widespread phishing campaign looking to steal credentials by abusing redirector links. At first, the potential victim is baited by impersonations of well-known productivity tools. They are then redirected to multiple sites
FIN8 is a purely financially motivated cybercrime organization and since 2016, the group has successfully operated by targeting retail, restaurant, hospitality, healthcare, and entertainment industries. This is done to primarily steal payment information from Point of Sale (POS) devices those indust