SIEM as a Service

Flesh Stealer Malware Targets Chrome, Firefox, and Edge to Steal Passwords

Flesh Stealer has surfaced as a high-profile malware campaign targeting web browsers like Chrome, Firefox, Edge, and even messaging platforms like Signal and Telegram. Written in C# as a .NET executable, Flesh Stealer emerged in...

New Android Malware Exploiting Wedding Invitations to Steal Victims WhatsApp Messages

A sophisticated Android malware campaign, dubbed Tria Stealer, has been targeting users in Malaysia and Brunei since mid-2024. The malware uses fake wedding invitations as a lure to trick victims into installing a malicious Android...

New SystemBC RAT Attack Linux Systems to Hack Corporate Infrastructure

A new variant of the SystemBC Remote Access Trojan (RAT) has emerged, explicitly targeting Linux-based systems. Known for its stealth capabilities, this malware is designed to infiltrate corporate networks, cloud servers, and IoT devices,...

How SOC/DFIR Teams Prevent Ransomware Threats in Healthcare – A Case Study on Interlock...

Ransomware attacks targeting the healthcare sector have become increasingly challenging to manage due to financial losses and the risks posed to patient safety and operational continuity. Researchers at ANY.RUN analyze the impact of ransomware...

New TorNet Backdoor Abusing Windows Schedule Task to Deliver Malware

A financially motivated threat actor has been linked to a sophisticated cyber campaign that has been targeting users in Poland and Germany since July 2024. The effort uses phishing emails to spread a range of...

Fake Microsoft Teams Page Drops Malware On Windows By Exploiting Bing Ads

Unit 42 researchers Bradley Duncan and Zach Diehl uncovered a malicious campaign exploiting Bing search advertisements to deliver malware through deceptive websites impersonating legitimate software pages. This alarming discovery highlights the growing trend of...

InvisibleFerret Malware Attacking Windows Users Through Fake Job Interview Tactics

Over the past months, the North Korean APT Lazarus has been employing a sophisticated and coordinated approach, targeting the technology, financial, and cryptocurrency sectors, as part of its campaign. Cybersecurity researchers from ANY.RUN report that...

Botnet Exploits 13,000 MikroTik Devices By Abusing Misconfigured DNS Records

Cybersecurity experts at Infoblox Threat Intel have uncovered a sophisticated botnet leveraging misconfigured DNS records to bypass email protection systems and deliver malware through spam campaigns. This botnet, comprising approximately 13,000 compromised MikroTik routers,...

Rootkit Malware Exploiting 0-Day Vulnerabilities to Control Linux Systems Remotely

Fortinet researchers uncovered an advanced rootkit malware exploiting multiple zero-day vulnerabilities in enterprise appliances by executing a shell script (Install.sh). The analysis sheds new light on how attackers establish persistence, hijack network traffic, and remotely...

100 Million macOS Users At Risk – New Banshee Malware Attacks Bypassing Apple’s XProtect

Researchers analyzed new versions of the Banshee macOS Stealer sample that initially evaded detection by most antivirus engines, as analysis revealed that the malware employed a unique string encryption technique. The encryption method was identical...

Recent Posts


WhatsApp Zero-Click Paragon Spyware Terminates Contract with Italy

Israeli spyware company Paragon Solutions has terminated its contract with Italy following allegations that its military-grade surveillance software, Graphite, was misused to target journalists...