Apr 18, 2024NewsroomMobile Security / Malware A new Android trojan called SoumniBot has been detected in the wild targeting users in South Korea by leveraging weaknesses in the manifest extraction and parsing procedure. The malware is “notable for an unconventional approach to evading analysis and detection, namely obfuscation of the Android manifest,” Kaspersky researcher Dmitry […]
Internet security experts have detected and blocked nearly 13,000 fake investment platform domains across more than 7000 IPs in January 2024, a 25% increase from December 2023. The figure comes amid growing concerns over the escalating threat of online investment scams, which continue to prey on unsuspecting individuals worldwide. According to data from the Federal Trade […]
The agency responsible for monitoring financial sanctions in Britain has never detected an illicit payment to an entity embargoed under the country’s counter-ransomware regime, according to information obtained by Recorded Future News. The sanctions regime explicitly prohibits victims from making any extortion payments to the 29 individuals and 5 entities listed under the United Kingdom’s […]
Jan 29, 2024NewsroomRansomware / Malware Cybersecurity researchers have detected in the wild yet another variant of the Phobos ransomware family known as Faust. Fortinet FortiGuard Labs, which detailed the latest iteration of the ransomware, said it’s being propagated by means of an infection that delivers a Microsoft Excel document (.XLAM) containing a VBA script. “The […]
Jan 29, 2024NewsroomRansomware / Malware Cybersecurity researchers have detected in the wild yet another variant of the Phobos ransomware family known as Faust. Fortinet FortiGuard Labs, which detailed the latest iteration of the ransomware, said it’s being propagated by means of an infection that delivers a Microsoft Excel document (.XLAM) containing a VBA script. “The […]
I. Background of xorbot In November 2023, NSFOCUS Global Threat Hunting System detected that a type of elf file was being widely distributed and accompanied by a large amount of suspected encrypted outbound communication traffic. However, the detection rate of mainstream antivirus engines on this file was close to zero, which aroused our curiosity. After further […]
Imperva Threat Research has detected previously undocumented activity from the 8220 gang, which is known for the mass deployment of malware using a variety of continuously evolving TTPs. This threat actor has been known to target both Windows and Linux web servers with cryptojacking malware. In this blog, we will detail recent activity, attack vectors […]
Dec 05, 2023NewsroomEmail Security / Vulnerability Microsoft on Monday said it detected Kremlin-backed nation-state activity exploiting a critical security flaw in its Outlook email service to gain unauthorized access to victims’ accounts within Exchange servers. The tech giant attributed the intrusions to a threat actor it called Forest Blizzard (formerly Strontium), which is also widely […]
RisePro, an information-stealing malware, was first detected by cybersecurity firms Flashpoint and Sekoia. It is distributed through fake crack sites operated by the PrivateLoader pay-per-install (PPI) malware distribution service.
- 1
- 2