Malware
Kextload Warnings on Mac
Mac users are no strangers to the seamless and secure experience that macOS offers. However, recent reports have surfaced regarding a concerning phenomenon – Kextload warning pop-ups appearing on Mac computers.... Read more
"Too Late" Malware
The malware's main goal is to trap victims with a locked screen displaying a wallpaper that simply reads "TOO LATE". The "Too Late" scam typically infiltrates your computer by disrupting your registry editor with a... Read more
A Closer Look at the Turla Advanced Persistent Threat Actor
In the realm of cybersecurity, the persistent and evolving threat landscape continually challenges defenders worldwide. Among the myriad of adversaries, one group has garnered significant attention for its... Read more
Troll Stealer Malware Threat Targets Korean Computer Users
A recently discovered cyber threat has put Korean computer users at risk, as a sophisticated malware dubbed "Troll Stealer" has emerged, suspected to be orchestrated by the North Korea-linked nation-state actor,... Read more
Chinese Threat Actor Linked to NSPX30 Spyware
A previously unknown threat actor with ties to China has been identified in a series of adversary-in-the-middle (AitM) attacks, where legitimate software update requests are exploited to deliver an advanced implant... Read more
Bigpanzi Botnet Infects Hundreds of Thousands of Android Devices
Security experts have attributed a Distributed Denial of Service (DDoS) botnet, potentially affecting millions of smart TVs and set-top boxes, to an established cybercrime group known as Bigpanzi, active for eight... Read more
Proxy Virus
Proxy Virus, also known as MITM Proxy Virus, has gained popularity as a form of browser-hijacking software. To propagate this infection, cybercriminals frequently exploit various adware-type applications, often... Read more
Pelmeni Wrapper: Another Tool in Turla's Arsenal
Research conducted by Lab52 has revealed a new Turla campaign employing innovative strategies alongside a tailored version of the Kazuar trojan. Their analysis delves into the technical aspects of the campaign's... Read more
TinyTurla-NG Backdoor Used Against Targets in Poland
The threat actor Turla, associated with Russia, has been observed employing a new backdoor named TinyTurla-NG in a campaign spanning three months targeting Polish non-governmental organizations in December 2023.... Read more
Ov3r_Stealer Malware Spreads Fake Facebook Job Ads to Steal Personal Data
Threat actors have devised a cunning scheme involving fake job ads on Facebook, using them as a gateway to deploy a newly discovered Windows-based stealer malware known as Ov3r_Stealer. Deceptive Tactics Unveiled The... Read more
GoStealer Malware Targets Indian Military
A sophisticated cyber espionage incident targeting the Indian Air Force has been uncovered by security researchers. The cyberattack on the Indian Air Force involves a variant of the well-known Go Stealer, a malicious... Read more
PureLand Stealer
PureLand is a type of stealer malware designed to target Mac devices with the intent of extracting information from infected systems. Specifically, it focuses on pilfering data from cryptocurrency wallets and other... Read more
URL Scam Warning
"URL Scam" is a classification that signifies a potential danger lurking in the vast expanse of the internet, ready to ensnare unsuspecting users in its deceptive web. Understanding the nature of this threat is... Read more
Kazuar: The Advanced Remote Access Tool of Turla APT
In the world of cybersecurity, the Turla Advanced Persistent Threat (APT) group has gained notoriety for its sophisticated and persistent cyber espionage campaigns. At the heart of Turla's operations lies a formidable... Read more
New HijackLoader Version Uses Advanced Threat Evasion
Threat actors capitalize on the potency of HijackLoader as a robust tool for embedding malicious code into legitimate processes, facilitating the discreet execution of payloads. This method enables them to bypass... Read more
Beware of the Bank Confirmation Email Scam
The email scam, often titled "Payment Confirmation," lures recipients into believing they are receiving a bank confirmation related to a payment. However, the attached file, typically named "Payment Confirmation... Read more
SPICA Backdoor Linked to Russian Hacker Collective
The Threat Analysis Group (TAG) at Google revealed that the Russian hacking group COLDRIVER is engaged in credential phishing activities targeting prominent NGOs, former intelligence and military personnel, as well as... Read more
AndroxGh0st Botnet Comes Up in CISA's Radar
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation have issued a warning regarding the deployment of the AndroxGh0st malware by threat actors. These actors are... Read more
