In a recently published blog article by Check Point's research team, an attack campaign was discovered spreading the Rhadamanthys info stealer. The infection chain starts with victims receiving fake copyright infringement emails to act as the lure. The campaign began in July 2024, with threat
According to a new report by security firm Kaspersky, researchers discovered a new crimeware bundle being distributed via forum posts, torrent trackers, and blogs, imitating popular software like Foxit PDF Editor and AutoCAD. The malware itself is capable of extracting the victim's credit card data,
According to a new report by Palo Alto’s Unit 42, North Korean state-sponsored threat actors, tracked by the security firm as Jumpy Pisces but also tracked as Andariel, have been linked to the Play ransomware gang. Researchers believe this is the first instance of the group using existing ransomwar
According to a blog article published by ReliaQuest, their security team discovered a new Black Basta ransomware campaign that begins with a spam email, which is then followed by threat actors posing as Microsoft Teams IT Support to trick victims into installing remote access software, which is then
A recently published article by GoDaddy's Security Team revealed that a new ClickFix malware campaign targeting vulnerable WordPress sites to deliver information-stealing malware is making the rounds. Information-stealing malware, or info stealers, is somewhat in vogue by financially motivated and s
In a recent report by ZScaler, data collected from June 2023 to April 2024 showed that Google Play, the official store for Android, distributed more than 200 malicious applications, which amounted to nearly eight million downloads. The collected data focused on analyzing malware families on both Goo
According to a recent report by the United Nations Office on Drugs and Crime (UNODC), a large and diverse set of malicious AI tools have been developed across Southeast Asia to supplement the needs of cybercrime cartels across the region. Tools to generate convincing deep fakes appear to be the mos
Microsoft 365 users should be aware of a new threat actor offering their services as a phishing-as-a-service platform to conduct Adversary-in-the-Middle (AiTM) attacks for a monthly fee. Called Mamba2FA, not to be confused with Mamba ransomware, the malware targets Microsoft 365 users with well-craf
Law enforcement agencies from 12 countries have collaborated to arrest four individuals associated with the LockBit ransomware gang. Along with the arrests' law enforcement officials seized servers critical to the ransomware gang's operations. Regarding the arrests, a suspected developer of LockBit
In HP Wolf Security's Threat Insights Report September 2024, security researchers detailed a targeted attack in which the threat actors used Generative Artificial Intelligence (AI) to write malware code. This trend has grown since AI tools like ChatGPT were released to the public. In June 2024