SuperBlack Ransomware operators exploit Fortinet Firewall flaws in recent...
Operators behind the SuperBlack ransomware exploited two vulnerabilities in Fortinet firewalls for recent attacks. Between January and March, researchers at Forescout Research – Vedere Labs observed a...
LockBit ransomware developer Rostislav Panev was extradited from Israel to...
The US Justice Department announced that the LockBit ransomware developer Rostislav Panev was extradited from Israel to the U.S. The US Justice Department announced that one of the LockBit ransomware...
New MassJacker clipper targets pirated software seekers
Pirated software seekers are targeted by the new MassJacker clipper malware, according to CyberArk researchers. A new malware campaign spreading a new clipper malware dubbed MassJacker targets users...
A ransomware attack hit the Micronesian state of Yap, causing the health...
A Micronesian state suffered a ransomware attack and was forced to shut down all computers of its government health agency. A state in Micronesia, the state of Yap, suffered a ransomware attack,...
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 37
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Undercover miner: how YouTubers get pressed into distributing...
Researcher releases free GPU-Based decryptor for Linux Akira ransomware
A researcher released a free decryptor for Linux Akira ransomware, using GPU power to recover keys through brute force. Security researcher Yohanes Nugroho created a free decryptor for Linux Akira...
New StilachiRAT uses sophisticated techniques to avoid detection
Microsoft discovered a new remote access trojan (RAT), dubbed StilachiRAT, that uses sophisticated techniques to avoid detection. In November 2024, Microsoft researchers discovered StilachiRAT, a...
WhatsApp fixed zero-day flaw used to deploy Paragon Graphite spyware
WhatsApp fixed a zero-click, zero-day vulnerability used to install Paragon’s Graphite spyware on the devices of targeted individuals. WhatsApp has addressed a zero-click, zero-day vulnerability...
CERT-UA warns of cyber espionage against the Ukrainian defense industry using...
CERT-UA warns of a cyber campaign using Dark Crystal RAT to target Ukraine’s defense sector, including defense industry employees and Defense Forces members. The Computer Emergency Response Team of...
RansomHub affiliate uses custom backdoor Betruger
Symantec researchers linked a custom backdoor, called Betruger, found in recent ransomware attacks to an affiliate of the RansomHub operation. Symantec’s Threat Hunter team has identified a custom...
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 38
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Decrypting Encrypted files from Akira Ransomware (Linux/ESXI...
Cloak ransomware group hacked the Virginia Attorney General’s Office
The Cloak ransomware group claims responsibility for a cyberattack on the Virginia Attorney General’s Office that occurred in February. The ransomware group Cloak has claimed responsibility for a...
Medusa ransomware uses malicious Windows driver ABYSSWORKER to disable...
Medusa ransomware uses a malicious Windows driver ABYSSWORKER to disable security tools, making detection and mitigation more difficult. Elastic Security Labs tracked a financially driven MEDUSA...
Chinese APT Weaver Ant infiltrated a telco in Asia for over four years
China-linked APT Weaver Ant infiltrated the network of a telecommunications services provider for over four years. The China-linked threat actor Weaver Ant infiltrated the network of a telecom...
Android malware campaigns use .NET MAUI to evade detection
Researchers warn of a new Android malware that uses .NET MAUI to mimic legit services and evade detection. McAfee researchers warn of Android malware campaigns using .NET MAUI to evade detection....
BlackLock Ransomware Targeted by Cybersecurity Firm
Resecurity found an LFI flaw in the leak site of BlackLock ransomware, exposing clearnet IPs and server details. Resecurity has identified a Local File Include (LFI) vulnerability in Data Leak Site...
New ReaderUpdate malware variants target macOS users
New ReaderUpdate malware variants, now written in Crystal, Nim, Rust, and Go, target macOS users, SentinelOne warns. SentinelOne researchers warn that multiple versions of the ReaderUpdate malware...
Crooks target DeepSeek users with fake sponsored Google ads to deliver malware
Cybercriminals are exploiting the popularity of DeepSeek by using fake sponsored Google ads to distribute malware. While DeepSeek is rising in popularity, threat actors are attempting to exploit it by...
Russian authorities arrest three suspects behind Mamont Android banking trojan
Russian authorities arrested three suspects for developing Mamont, a newly identified Android banking trojan. Russian authorities arrested three suspects in Saratov for developing Mamont (Russian for...
Crooks are reviving the Grandoreiro banking trojan
Grandoreiro Banking Trojan resurfaces, targeting users in Latin America and Europe in new phishing campaigns. Forcepoint X-Labs researchers warn of new phishing campaigns targeting Latin America and...