A notorious Russian APT group has been stealing credentials for years by exploiting a Windows Print Spooler bug and using a novel post-compromise tool known as “GooseEgg,” Microsoft has revealed. APT28 (aka Strontium, Forest Blizzard) has been using GooseEgg since potentially as far back as April 2019 to exploit CVE-2022-38028, Microsoft said in a new […]
The clearnet domain of the notorious BreachForums data leak and hacking forum has been taken down by rival threat actors. The threat actor group, R00TK1T, along with the pro-Russian gang Cyber Army of Russia, announced a breach of user data following the BreachForums take down. R00TK1T was previously responsible for an attack campaign targeting the […]
Feb 29, 2024NewsroomRootkit / Threat Intelligence The notorious Lazarus Group actors exploited a recently patched privilege escalation flaw in the Windows Kernel as a zero-day to obtain kernel-level access and disable security software on compromised hosts. The vulnerability in question is CVE-2024-21338 (CVSS score: 7.8), which can permit an attacker to gain SYSTEM privileges. It […]
Feb 29, 2024NewsroomMalware / Endpoint Security The notorious North Korean state-backed hacking group Lazarus uploaded four packages to the Python Package Index (PyPI) repository with the goal of infecting developer systems with malware. The packages, now taken down, are pycryptoenv, pycryptoconf, quasarlib, and swapmempool. They have been collectively downloaded 3,269 times, with pycryptoconf accounting for […]
Two cryptocurrency addresses linked to a company operating in a notorious scam compound in Myanmar have received nearly $100 million worth of deposits in less than two years.
One of Taiwan’s biggest semiconductor manufacturers has fallen victim to a cyberattack, supposedly carried out by the notorious LockBit ransomware gang. The hackers posted a threatening message on Foxsemicon’s website, stating that they had stolen its customers’ personal data and would publish it on their darknet website if the company refused to pay. “Keep in […]
The notorious Azorult malware has resurfaced on the dark web again, demonstrating a renewed and sophisticated approach. First identified in 2016, Azorult operates as a powerful information-stealing threat, specializing in the extraction of sensitive data such as browsing history, login credentials, and cryptocurrency details. Cyble Research & Intelligence Labs (CRIL) recently found several PDF files […]
A coalition of rebel groups in Myanmar is now in control of the city of Laukkaing — a notorious hub of online scamming operations near the border with China. Late on Thursday, Myanmar’s military government relinquished control of the city to the Three Brotherhood Alliance, which launched a surprise operation in Shan state, along the […]
An international group of law enforcement agencies has seized the dark web leak site of the notorious ransomware gang known as ALPHV, or BlackCat. “The Federal Bureau of Investigation seized this site as part of a coordinated law enforcement action taken against ALPHV Blackcat Ransomware,” a message on the gang’s dark web leak site now […]