
Hijacked PyPI Package Installs NovaSentinel Stealer on Windows

Researchers identified a sophisticated cyberattack through a dormant Python Package Index (PyPI) package named Django-log-tracker, which was unexpectedly updated to deploy the NovaSentinel stealer malware. This discovery highlights a significant threat to the software...

Windows Malware Dropped From Fake Software Developers Job Offers Scheme

February 24, 2024 – Phylum, a leader in cybersecurity research, has unveiled a sophisticated malware campaign aimed at software developers seeking employment. This alarming scheme, identified in collaboration with Palo Alto Networks' Unit 42,...

New SSH-Snake Malware Abuses SSH Credentials To Spread Itself In The Network

Threat actors abuse SSH credentials to gain unauthorized access to systems and networks. By exploiting weak or compromised credentials, they can execute malicious activities. SSH credential abuse provides a stealthy entry point for threat actors...

How to Analyse Crypto Malware in ANY.RUN Sandbox?

ANY.RUN, an interactive malware sandbox, has published a comprehensive analysis of the growing threat that crypto-malware poses in a time when it is more important than ever to have strong digital security. This malicious software,...

Russian Government Software Hijacked to Install Konni RAT

A critical cybersecurity incident recently occurred where the Konni Remote Access Trojan (RAT), a highly covert and sophisticated malware that specializes in data exfiltration, infiltrated the software systems of the Russian Government. This incident, uncovered...

Hackers Heavily Abusing Google Cloud Run to Deliver Banking Malware

Large-scale malware distribution campaigns are abusing Google Cloud Run to transmit banking trojans, including Astaroth (also known as Guildma), Mekotio, and Ousaban, to European and Latin American targets. With Cloud Run, you can promptly execute...

RSPAMD – Free Spam Filtering Tool to Analyse Email Threats With ANY RUN Sandbox

In a significant advancement for email security, ANY.RUN, a leader in malware analysis sandboxing, has unveiled a new module integrating RSPAMD into its Static Discovering feature. This RSPAMD integration marks a pivotal step in...

Raccoon Infostealer Operator Extradited to the United States

In a significant development in the fight against cybercrime, Ukrainian national Mark Sokolovsky, 28, has been extradited to the United States from the Netherlands to face charges related to his alleged involvement with the...

What is .NET Malware Obfuscators? – Develop & Dismantle a Simple Obfuscator

The .NET malware obfuscators are tools used to obfuscate the source code of .NET applications, making it challenging for reverse engineers to understand and analyze the code. They rename variables, alter code structures, and add...

Multipurpose Glupteba Malware Controls OS Boot Process to Hide Itself

Glupteba, a decade-old malware in financial cybercrime, unveiled a new campaign in November 2023. Despite its long tenure, its previously undiscovered features include a UEFI bootkit that allows stealthy persistence and makes detection and removal challenging. Security analysts at...
