Cyber Security News

CopperStealer: Lacking Sophistication but Dangerous

Researchers at Proofpoint have published a report detailing a newly discovered piece of malware that attempts to steal account information for popular service providers, including Google, Facebook, Amazon, and Apple. Not only can the malware steal account passwords and cookies, but it can also dr

Exchange Server Vulnerabilities used to spread Ransomware

When news broke that the state-sponsored threat group Hafnium was actively exploiting four Microsoft Exchange zero-days, the InfoSec community waited with bated breath to see when other groups would begin to target the same flaws. This would only take a few days till news that the fear of other threa

The NimzaLoader Conundrum

Security researchers at Proofpoint have discovered a new piece of malware that grants initial access and is written in a programming language rarely used for compiling malicious code. The language used is Nim, possibly best described as being as “fast as C, as expressive as Python, and as ext

Microsoft Exchange Server Zero-day Impacts 30,000 Servers

Last week this publication covered how the threat group named Hafnium had been seen actively exploiting four separate zero-day flaws found within Microsoft’s Exchange Server packages. A week on and more hackers and threat groups have been seen targeting these flaws to gain access to Exchange Servers

Ryuk continues to Evolve with new Worm-like Ability

The Ryuk ransomware has long been both a thorn in the side of victims and an unmitigated success for its developers. In a sample of the malware discovered by the French National Agency for the Security of Information Systems (ANSSI), the offending ransomware has gone through yet another evolution to

Microsoft Warns of Exchange Server Zero-Days

Late on Tuesday, March 2, 2021, Microsoft warned of a Chinese state-sponsored group actively exploiting four zero-day vulnerabilities in targeted campaigns. Along with the warning, Microsoft has also released out-of-band patches to help prevent further exploitation by the state-sponsored hacking grou

Four New Hacking Groups targeting Critical Infrastructure

The threat posed to critical infrastructure via cyber-attacks has long been a major concern for security researchers. Recent developments have seen ransomware gangs actively targeting critical infrastructure. The HelloKitty ransomware variant might be best known for its attack upon CD Projekt Red, b

Silver Sparrow infects nearly 30,000 Macs

A new malware designed to target Macs, called Silver Sparrow, has already infected close to 30,000 separate machines. The malware was discovered by researchers from Red Canary who subsequently analyzed the malware along with Malwarebytes and VMware Carbon Black. In a subsequent report pub

The scale of the SolarWinds Attack now Apparent

Over the past week or so, investigations into the recent SolarWinds attack, which made international headlines in December 2020, have concluded or are close to concluding. The revelations of the investigations show a truly massive scale of operations employed by the attackers, with many, including the US governm