Initial Access Broker Market Booms, Posing Growing Threat to Enterprises
A rapid increase in the number of operators in the space — the "locksmiths" of the cyber underground — has…
Gootkit malware abuses VLC to infect healthcare orgs with Cobalt Strike
The Gootkit loader malware operators are running a new SEO poisoning campaign that abuses VLC Media Player to infect Australian…
Bitdefender releases free MegaCortex ransomware decryptor
Antivirus company Bitdefender has released a decryptor for the MegaCortex ransomware family, making it possible for victims of the once…
Clop ransomware uses TrueBot malware for access to networks
Security researchers have noticed a spike in devices infected with the TrueBot malware downloader created by a Russian-speaking hacking group…
Where Advanced Cyberttackers Are Heading Next: Disruptive Hits, New Tech
Following a year of increasingly disruptive attacks, advanced persistent threat groups will likely only become emboldened in 2023, security experts…
Black Basta Gang Deploys Qakbot Malware in Aggressive Cyber Campaign
The ransomware group is using Qakbot to make the initial point of entry before moving laterally within an organization’s network.
Google releases 165 YARA rules to detect Cobalt Strike attacks
The Google Cloud Threat Intelligence team has open-sourced YARA Rules and a VirusTotal Collection of indicators of compromise (IOCs) to…
New attacks use Windows security bypass zero-day to drop malware
New phishing attacks use a Windows zero-day vulnerability to drop the Qbot malware without displaying Mark of the Web security…
QBot phishing abuses Windows Control Panel EXE to infect devices
Phishing emails distributing the QBot malware are using a DLL hijacking flaw in the Windows 10 Control Panel to infect…
Researchers Sound Alarm on Dangerous BatLoader Malware Dropper
BatLoader has spread rapidly to roost in systems globally, tailoring payloads to its victims.