First identified as active in November 2012, 'njRAT', also known as 'Bladabindi' or 'Njw0rm', is a well established and prevalent remote access trojan (RAT) threat that was initially created by a cybercriminal threat group known as 'Sparclyheason' and used to target victims located in the Middle East. Undoubtedly following the source code leak, reportedly in May 2013, njRAT has become widely available on the cybercriminal underground with numerous variants being released over the years.

Kovter is a fileless malware that attempts to remain invisible and targets the Windows operating system. Kovter avoids detection as it relies on the host registry to store its configuration data, thus avoids traditional endpoint protection (anti-virus) file scanning.

Historically targeting the financial sector, and first observed in 2014 as a banking trojan, Emotet remains an active and credible threat to organizations across all industries worldwide and, whilst retaining some core data stealing capabilities, has evolved to act as a downloader for secondary malicious payloads.

Since stepping into the cybercriminal arena in September 2020, the Egregor group has penetrated over 71 businesses globally, including recruitment giant Randstad and US retailer Kmart. But who is the Egregor group and how have they managed to rise up as a significant cyber threat in just a few short months? Egregor is a cybercriminal group specializing in a unique branch of ransomware attacks.

Since ransomware was founded in 1996, many ransomware gangs have attempted and failed to quake the cybersecurity landscape. But some have broken through and even rearranged it with their obfuscatory cyberattack methods. Netwalker ransomware is an example of such a success. Within its first six months of operation, the ransomware gang received more than $25 million in ransom payments. What is Netwalker ransomware and why is it so lethal? To learn more, read on.

Cybersecurity is in the news again with the disclosure that Tesla, working in conjunction with the FBI, prevented a ransomware attack from being launched at its Gigafactory in Nevada. The cybercriminals targeted Tesla through one of its employees, whom they allegedly promised to pay $1 million in order to help them infect the company’s system with malware.

Emotet originally arrived on the scene as a new banking trojan in 2014. In the past 12 months, however, it has evolved from a standalone threat into a prolific distributor of other trojans, including TrickBot, Zeus Panda Banker, IcedID, Qakbot, and Dridex.

Dealing with the aftermath of ransomware attacks is like Russian roulette. Submitting the ransom might seem like it’s the sole option for recovering locked data. But paying the ransom doesn’t mean that your organization will get its affected data back. Let’s not forget that ransomware also continues to evolve as a threat category.

As companies responded to the COVID-19 pandemic with remote work, cybercriminals increased their social engineering and ransomware attack methodologies. Ransomware, malicious code that automatically downloads to a user’s device and locks it from further use, has been rampant since the beginning of March 2020. According to a 2020 report by Bitdefender, ransomware attacks increased by seven times when compared year-over-year to 2019.