From Caribbean shores to your devices: analyzing Cuba ransomware
The article analyzes the malicious tactics, techniques and procedures (TTP) used by the operator of the Cuba ransomware, and details a Cuba attack incident.
Trojan
Evil Telegram doppelganger attacks Chinese users
Spyware Telegram mod in Uighur and Chinese spreads through Google Play stealing messages and other user data.
IT threat evolution in Q2 2023. Non-mobile statistics
PC malware statistics for Q2 2022 includes data on miners, ransomware, banking Trojans, and other threats to Windows, macOS and IoT devices.
IT threat evolution in Q2 2023. Mobile statistics
The smartphone malware statistics for Q2 2023 includes data for Android malware, adware, banking Trojans and ransomware.
IT threat evolution in Q2 2023
Q2 2023 overview: targeted attacks such as Operation Triangulation, CloudWizard and Lazarus activity, Nokoyawa ransomware, and others.
Lazarus Group exploited ManageEngine vulnerability to target critical infrastructure
North Korean state-sponsored hackers Lazarus Group have been exploiting a ManageEngine ServiceDesk vulnerability (CVE-2022-47966) to target internet backbone infrastructure and healthcare institutions in Europe and the US. The group leveraged the vulne…
Lockbit leak, research opportunities on tools leaked from TAs
In September of 2022, multiple security news professionals wrote about and confirmed the leakage of a builder for Lockbit 3 ransomware. In this post we provide the analysis of the builder and recently discovered builds.
New Gigabud Android RAT Bypasses 2FA, Targets Financial Orgs
By Habiba Rashid
Emergence of Gigabud Banking Trojan Threatens Financial Institutions Globally.
This is a post from HackRead.com Read the original post: New Gigabud Android RAT Bypasses 2FA, Targets Financial Orgs
What’s happening in the world of crimeware: Emotet, DarkGate and LokiBot
In this report, we share our recent crimeware findings: the new DarkGate loader, new LokiBot campaign and new Emotet version delivered via OneNote.
Fake TeamViewer Installer Used to Deliver njRAT Malware
By Habiba Rashid
A fake and malicious version of TeamViewer is being pushed as legitimate, which in reality infects devices with njRAT Malware (aka Bladabindi).
This is a post from HackRead.com Read the original post: Fake TeamViewer Installer Used to …