Malware

Starkcat and HotPage Malware Target Critical Infrastructure and Browser Traffic

The cybersecurity landscape is ever-evolving, with new threats emerging regularly. Two recent discoveries, the Starkcat and HotPage malware, have drawn significant attention due to their sophisticated methodologies and potential impacts. Origin and Discovery: Starkcat, identified by cybersecurity researchers at ESET as a significant new threat, originated from an unknown but highly capable group. This malware [...]

CyberSpecta
ObjCShellz: BlueNoroff's Latest macOS Weapon

In the ever-evolving landscape of cyber threats, the North Korea-linked nation-state group BlueNoroff has once again made headlines. Jamf Threat Labs recently uncovered a previously undocumented macOS malware strain dubbed ObjCShellz. This malware is attributed to BlueNoroff and is a critical component of the ongoing RustBucket malware campaign, which has been under scrutiny since earlier [...]

StripedFly: Malware That Evaded Detection for Over Five Years

In the vast landscape of cybersecurity threats, the discovery of StripedFly malware has sent shockwaves through the industry. Initially dismissed as just another cryptocurrency miner, this malware has proven to be a sophisticated and multi-faceted threat, employing an intricate modular framework that operates seamlessly on both Linux and Windows platforms. Behind its cryptocurrency mining facade [...]

AtlasCross: A New Advanced Persistent Threat Group Targeting Specific Networks

In the ever-evolving landscape of cybersecurity threats, a new adversary, AtlasCross, has emerged on the scene and raised significant concerns among cybersecurity experts. This advanced persistent threat (APT) group, recently brought to the forefront by NSFOCUS Security Labs, is known for its sophisticated tactics, careful approach, and a series of targeted attacks. Red Cross-themed Phishing [...]

Deadglyph: Stealth Falcon's Advanced Modular Malware

In the ever-evolving landscape of cyber threats, a novel and highly sophisticated backdoor malware named 'Deadglyph' has emerged, leaving experts baffled and organizations vulnerable. This malware has recently been utilized in a cyber espionage attack against a government agency in the Middle East, shedding light on the capabilities of its creators. Here, we present a [...]

New Android Malware CherryBlos Target Users using OCR

A new wave of Android malware campaigns has been discovered, posing significant risks to cryptocurrency users and unsuspecting victims. The malware strains, named CherryBlos and FakeTrade, employ advanced techniques to steal sensitive information and conduct fraudulent activities. Security researchers from Trend Micro have identified the threat actors behind these campaigns and the various distribution channels [...]

Realst Malware: Targeting Apple macOS Systems and Stealing Cryptocurrency Wallets

The world of cyber threats constantly evolves, and Apple macOS users now face a new menace known as "Realst" malware. This sophisticated malware, written in the Rust programming language, targets both macOS and Windows systems with a specific focus on infecting macOS 14 Sonoma, the upcoming major release of the operating system. Disguised as fake [...]

APT41 Expands its Arsenal: WyrmSpy and DragonEgg Android Surveillanceware

The notorious Chinese threat group APT41, also known as Double Dragon, BARIUM, and Winnti, has recently been linked to the development and deployment of advanced Android surveillanceware. Lookout has identified two strains of malware called WyrmSpy and DragonEgg. These discoveries shed light on APT41's expansion into mobile platforms, emphasizing the growing threat of sophisticated Android malware. APT41: [...]

LokiBot Malware Exploits Microsoft Office Vulnerabilities to Steal Sensitive Data

Windows users face a new wave of cyber threats as sophisticated malware named LokiBot spreads through malicious Microsoft Office documents. A recent investigation by FortiGuard Labs has uncovered that attackers are exploiting well-known vulnerabilities such as CVE-2021-40444 and CVE-2022-30190 to deliver the LokiBot malware. LokiBot, a notorious information-stealing Trojan active since 2015, specializes in extracting [...]

TA453: Iranian Cyber Espionage Group Targets Experts with Multi-Platform Malware

A notorious Iranian nation-state hacking group known as TA453, or Charming Kitten, has recently been discovered launching spear-phishing attacks targeting experts in Middle Eastern affairs and nuclear security. Recently Proofpoint has unveiled its sophisticated tactics, such as multi-persona impersonation and a variety of infection chains, to deliver malware on both Windows and macOS operating systems. [...]

Neo_Net: The Mastermind Behind a Global eCrime Campaign Targeting Banks

For almost two years, from June 2021 to April 2023, a widespread eCrime campaign targeted clients of prominent banks worldwide. The mastermind behind this operation, known as Neo_Net, focused primarily on Spanish and Chilean banks, successfully compromising the security of several financial institutions. Security researcher Pol Thill’s finding published by SentinelOne sheds light on the [...]

Chinese Threat Actor Targeting European Government Entities Using HTML Smuggling Technique

A Chinese threat actor has recently been identified by Check Point Research (CPR) for targeting Foreign Affairs ministries and embassies in Europe. The campaign, known as SmugX, has been active since at least December 2022. The attackers employ HTML smuggling techniques to deliver the PlugX remote access trojan, enabling them to evade network-based detection measures. [...]
