Malware

Latest APT41 Campaign: Detection Opportunities | ThreatSnapShot

Jul 28, 2024 By SnapAttack In SnapAttack

Have you ever read a threat report and thought, “These tools could definitely be superhero names”? Well, you’re not alone! In this video, we dive into the recent APT41 campaign and explore the detection opportunities that arise from it. From tools like BlueBeam, AntSword, DustPan, and PineGrove, we break down how these were used in APT41’s latest operations and how you can detect them in your environment.

View Video

SnapAttack

Read more about Latest APT41 Campaign: Detection Opportunities | ThreatSnapShot

UK Disrupts Major Booter Service Responsible For Thousands Of DDoS Attacks

Jul 25, 2024 By Key Dutch In ImmuniWeb

Read also: A Scattered Spider member arrested in the UK, LockBit affiliates plead guilty, and more.

Read Post

ImmuniWeb

Read more about UK Disrupts Major Booter Service Responsible For Thousands Of DDoS Attacks

SEXi / APT Inc Ransomware - What You Need To Know

Jul 25, 2024 By Graham Cluley In Tripwire

Don't worry, I'm not trying to conjure images in your mind of Rod Stewart in his iconic leopard print trousers. Instead, I want to warn you about a cybercrime group that has gained notoriety for attacking VMware ESXi servers since February 2024.

Read Post

Tripwire

Read more about SEXi / APT Inc Ransomware - What You Need To Know

CVE discovery, PoC Development, IAB Listings, to Ransomware Attacks: How Cybercriminal Forums Facilitate the Lifecycle

Jul 25, 2024 By Cymon In CYJAX

By Olivia Betts and Adam Price In July 2024, CloudFlare identified that it can take cybercriminals as little as 22 minutes to weaponise a publicly available Proof-of-Concept (PoC) exploit following its release. The IT services management company noted an increase in scanning for disclosed Common and in attempts to weaponise available PoCs across 2023 and 2024.

Read Post

CYJAX

Read more about CVE discovery, PoC Development, IAB Listings, to Ransomware Attacks: How Cybercriminal Forums Facilitate the Lifecycle

CTI Roundup: MuddyWater Deploys BugSleep Malware, New Attack From Void Banshee

Jul 24, 2024 By Tanium In Tanium

MuddyWater deploys BugSleep malware, researchers discover malicious files on the npm registry, and Void Banshee exploits a Microsoft MHTML flaw.

Read Post

Tanium

Read more about CTI Roundup: MuddyWater Deploys BugSleep Malware, New Attack From Void Banshee

Lumma Stealer Packed with CypherIt Distributed Using Falcon Sensor Update Phishing Lure

Jul 24, 2024 By Counter Adversary Operations In CrowdStrike

On July 23, 2024, CrowdStrike Intelligence identified the phishing domain crowdstrike-office365com, which impersonates CrowdStrike and delivers malicious ZIP and RAR files containing a Microsoft Installer (MSI) loader. The loader ultimately executes Lumma Stealer packed with CypherIt.

Read Post

CrowdStrike

Read more about Lumma Stealer Packed with CypherIt Distributed Using Falcon Sensor Update Phishing Lure

Sue Bergamo on Data Security Decoded - On Diversity

Jul 24, 2024 By Rubrik In Rubrik

Dive deep into the world of #CyberSecurity leadership in this episode of Data Security Decoded, featuring Sue Bergamo, CISO and CIO at BTE Partners. Sue brings to the table an incredible perspective on the importance of diversity and the strength of unique perspectives. Sue advocates for empowering individuals to stand up for their ideas, especially when navigating through incidents, ensuring a resilient and innovative response to any crisis.

View Video

Rubrik

Read more about Sue Bergamo on Data Security Decoded - On Diversity

Daggerfly Enhances Malware Toolkit to Target All Major Operating Systems

Jul 24, 2024 By Foresiet In Foresiet

The Chinese espionage group Daggerfly, also known as Evasive Panda or Bronze Highland, has significantly upgraded its malware arsenal, allowing it to target a wide range of operating systems including Windows, Linux, macOS, and Android. This development marks a notable escalation in the group's cyber capabilities, as detailed in a recent analysis by Symantec.

Read Post

Foresiet

Read more about Daggerfly Enhances Malware Toolkit to Target All Major Operating Systems

Ransomware: Attackers resort to old-school techniques and minimal investment

Jul 23, 2024 By Sam Manjarres In WatchGuard

The modus operandi of cybercriminals is constantly changing. It comes as no surprise that, every so often, hackers switch up their methods to become more evasive. However, contrary to what we might imagine, these changes don’t always have to be innovative, or involve new attack strategies. Cybercriminals are increasingly opting to employ old-school techniques, and couple this with minimal investment.

Read Post

WatchGuard

Read more about Ransomware: Attackers resort to old-school techniques and minimal investment

Abusing BOINC: FakeUpdates Campaign Bundling Malware with Legitimate Software

Jul 23, 2024 By Arctic Wolf In Arctic Wolf

Beginning in early July 2024, Arctic Wolf responded to multiple SocGholish/FakeUpdate intrusions that resulted in a seemingly benign payload being delivered as a second-stage download. The zip file payload contained software from the Berkeley Open Infrastructure for Network Computing (BOINC) project, open-source software that allows users to contribute computing power to scientific research projects focused on solving complex calculations.

Read Post