North Korean threat actors are targeting companies from the Web3 and crypto industries with a backdoor designed for macOS written in niche programming language Nim. […]
Category: Cyber Security News
Initial Access Broker Self-Patches Zero Days as Turf Control
A likely China-nexus threat actor has been exploiting unpatched Ivanti vulnerabilities to gain initial access to victim networks and then patching the systems to block […]
US Treasury Sanctions BPH Provider Aeza Group
In the past, the bulletproof group has been affiliated with many well-known ransomware and malware groups, such as BianLian and Lumma Stealer. ​The original article […]
Russian APT ‘Gamaredon’ Hits Ukraine With Fierce Phishing
A Russian APT known as “Gamaredon” is using spear-phishing attacks and network-drive weaponization to target government entities in Ukraine. ​The original article found on darkreading […]
ClickFix Spin-off Attack Bypasses Key Browser Safeguards
A new threat vector exploits how modern browsers save HTML files, bypassing Mark of the Web and giving attackers another social-engineering attack for delivering malware. […]
North Korean Hackers Target Web3 with Nim Malware and Use ClickFix in BabyShark Campaign
Threat actors with ties to North Korea have been observed targeting Web3 and cryptocurrency-related businesses with malware written in the Nim programming language, underscoring a […]
Chinese Student Charged in Mass Smishing Campaign to Steal Victims’ Personal Information
Ruichen Xiong, a student from China, has been sentenced to over a year in prison at Inner London Crown Court for orchestrating a large-scale smishing […]
Gamaredon Unleashes Six New Malware Tools for Stealth, Persistence, and Lateral Movement
Gamaredon, a Russia-aligned advanced persistent threat (APT) group attributed by Ukraine’s Security Service (SSU) to the FSB’s 18th Center of Information Security, has exclusively targeted […]
1 Year Later: Lessons Learned From the CrowdStrike Outage
The ever-growing volume of vulnerabilities and threats requires organizations to remain resilient and anti-fragile — that is, to be able to proactively respond to issues […]
Sixfold surge of ClickFix attacks threatens corporate defenses
Incidents of ClickFix — the social engineering attack technique that tricks users into executing malicious code — are skyrocketing. ClickFix attacks typically involve displaying a […]