Russian hackers linked to widespread attacks targeting NATO and EU
Poland's Military Counterintelligence Service and its Computer Emergency Response Team have linked APT29 state-sponsored hackers, part of the Russian government's…
Microsoft, Fortra & Health-ISAC Team Up to Remove Illicit Cobalt Strike Tools
The effort aims to disrupt the use of altered Cobalt Strike software by cybercriminals in ransomware and other attacks.
Microsoft and Fortra crack down on malicious Cobalt Strike servers
Microsoft, Fortra, and the Health Information Sharing and Analysis Center (Health-ISAC) have announced a broad legal crackdown against servers hosting…
Emotet malware now distributed in Microsoft OneNote files to evade defenses
The Emotet malware is now distributed using Microsoft OneNote email attachments, aiming to bypass Microsoft security restrictions and infect more…
IceFire Ransomware Portends a Broader Shift From Windows to Linux
IceFire has changed up its OS target in recent cyberattacks, emblematic of ransomware actors increasingly targeting Linux enterprise networks, despite…
Exfiltrator-22: The Newest Post-Exploitation Toolkit Nipping at Cobalt Strike’s Heels
The framework-as-a-service signals an intensification of the cat-and-mouse game between defenders detecting lateral movement, and cybercriminals looking to go unnoticed.
Hackers start using Havoc post-exploitation framework in attacks
Security researchers are seeing threat actors switching to a new and open-source command and control (C2) framework known as Havoc…
Fresh, Buggy Clop Ransomware Variant Targets Linux Systems
For the moment, victims can decrypt data without paying a ransom. But Clop is a ransomware variant that has caused…
Hackers backdoor Windows devices in Sliver and BYOVD attacks
A new hacking campaign exploits Sunlogin flaws to deploy the Sliver post-exploitation toolkit and launch Windows Bring Your Own Vulnerable…
Ransomware access brokers use Google ads to breach your network
A threat actor tracked as DEV-0569 uses Google Ads in widespread, ongoing advertising campaigns to distribute malware, steal victims' passwords,…