Microsoft Exchange servers hacked in internal reply-chain attacks
Threat actors are hacking Microsoft Exchange servers using ProxyShell and ProxyLogon exploits to distribute malware and bypass detection using stolen…
Emotet Makes a Comeback
The popular Trojan has re-emerged on the scene several months after the botnet infrastructure behind it was disrupted by law…
The Troubling Rise of Internet Access Brokers
Criminal groups are ramping up use of IABs to get access to networks without having to deal with the initial…
QBot returns for a new wave of infections using Squirrelwaffle
The activity of the QBot (also known as Quakbot) banking trojan is spiking again, and analysts from multiple security research…
Windows 10 App Installer abused in BazarLoader malware attacks
The TrickBot gang operators are now abusing the Windows 10 App Installer to deploy their BazarLoader malware on the systems…
SquirrelWaffle Leverages Malspam to Deliver Qakbot, Cobalt Strike
Threat is spreading widely via spam campaigns, infecting systems with a new malware loader.
TrickBot teams up with Shatak phishers for Conti ransomware attacks
A threat actor tracked as Shatak (TA551) recently partnered with the ITG23 gang (aka TrickBot and Wizard Spider) to deploy Conti…
Police arrest hackers behind over 1,800 ransomware attacks
The Europol has announced the arrest of 12 individuals who are believed to be linked to ransomware attacks against 1,800…
Spammers use Squirrelwaffle malware to drop Cobalt Strike
A new malware threat named Squirrelwaffle has emerged in the wild, supporting actors with an initial foothold and a way…
Trickbot spreads malware through new distribution channels
TrickBot operators are back and expand the distribution channels with partnership with cybercrime affiliates. The operators behind the […] The…