A recent research study has shed light on the decade-long activities of a Romanian cyber threat group known as RUBYCARP, which uses techniques such as cryptocurrency mining and phishing. One of the key findings from the technical write-up, published by Sysdig today, is the group’s use of a script capable of simultaneously deploying multiple cryptocurrency […]
The threat actors associated with the Medusa ransomware have ramped up their activities following the debut of a dedicated data leak site on the dark web in February 2023 to publish sensitive data of victims who are unwilling to agree to their demands. “As part of their multi-extortion strategy, this group will provide victims with […]
A cyberattack has affected the networks and business activities of First American Financial Corporation and a number of its subsidiaries. The bank has also filed an update on the cyberattack with the US Securities and Exchange Commission. The bank’s filing can be fetched from the website of SEC […]
Malware analysis encompasses a broad range of activities, including examining the malware’s network traffic. To be effective at it, it’s crucial to understand the common challenges and how to overcome them. Here are three prevalent issues you may encounter and the tools you’ll need to address them. Decrypting HTTPS traffic: Hypertext Transfer Protocol Secure (HTTPS), […]
ScamClub is a threat actor who’s been involved in malvertising activities since 2018. Chances are you probably ran into one of their online scams on your mobile device. Confiant, the firm that has tracked ScamClub for years, released a comprehensive report in September while also disrupting their activities. However, ScamClub has been back for several […]
Microsoft has been closely monitoring the activities of a threat group known as Octo Tempest. This group has emerged as a major concern for businesses across a variety of sectors due to its financially driven motives and sophisticated tactics. Octo Tempest is notorious for its broad social engineering campaigns, aiming to compromise organizations worldwide with […]
A recent investigation has brought to light the activities of threat actors utilizing Discord to deploy an information-stealing malware named Lumma Stealer. Lumma Stealer is available for purchase on underground forums with different plans offering varied levels of access, ranging from log views to traffic analysis tools. The most costly plan permits buyers to access […]