25 Jan 2023

DragonSpark Hackers Evade Detection With SparkRAT and Golang

SentinelLabs recently attributed a new string of attacks targeting East Asian organizations to a threat actor referred to as DragonSpark. SentinelLabs stated that the campaign leverages a rare open-source SparkRAT and malware tools to evade detection through source code interpretation techniques. The techniques are based on the Go programming language.

Read More
20 Jan 2023

CircleCI Confirms Data Breach Was Caused By Infostealer on Employee Laptop

CircleCI has confirmed that a data breach that impacted the integration and delivery platform was the result of an infostealer deployed to an employee’s laptop. The breach occurred on January 4, 2023 and the company identified the incident after detecting the presence of an unauthorized third party. The information stealer

Read More
16 Jan 2023

5 sneaky tricks crypto phishing scammers used last year: SlowMist

Blockchain security firm SlowMist has highlighted five common phishing techniques crypto scammers used on victims in 2022, including malicious browser bookmarks, phony sales orders and Trojan malware spread on the messaging app Discord. The security firm recorded a total of 303 blockchain security incidents over the year, with 31.6% of these

Read More
09 Jan 2023

Cybercriminals Using ChatGPT to Build Hacking Tools, Write Code

Expert and novice cybercriminals have already started to use OpenAI’s chatbot ChatGPT in a bid to build hacking tools, security analysts have said. In one documented example, the Israeli security company Check Point spotted(Opens in a new window) a thread on a popular underground hacking forum by a hacker who

Read More
04 Jan 2023

Researchers Discover New Linux Malware Targeting WordPress Sites

Research by cybersecurity firm Dr. Web has found that a new strain of Linux malware is targeting websites based on WordPress. The malware has been named Linux.BackDoor.WordPressExploit.1 and targets 32-bit versions of Linux. The malware is primarily used to hack websites based on content management systems and to inject malicious

Read More
28 Dec 2022

North Korean Hacking Group Steals Millions Posing as Japanese VCs And Banks

North Korean group BlueNoroff has find a new way to hack into your crypto wallets. Now it resembles banks and Japanese VC firms. This December 27, Kaspersky Lab announced that the North Korean hacking group ‘BlueNoroff’ stole millions of dollars in cryptocurrencies after creating more than 70 fake domains and

Read More
28 Dec 2022

Zerobot Botnet Devs Add New Functionality

Microsoft has identified a prolific botnet called Zerobot that is spread through IoT and web application vulnerabilities. The botnet has reportedly added new capabilities and exploits to its skillset, Microsoft states. Zerobot is sold on underground cybercrime forums as a malware-as-a-service model, meaning that its authors can update its functionality

Read More
23 Dec 2022

New NFT private auction scam threatens OpenSea users

As nonfungible tokens (NFTs) became more popular, bad actors who constantly try to exploit users within the space have become more active. Now, a new hack involving a feature on the NFT marketplace OpenSea threatens NFT holders through phishing sites. In an announcement, anti-theft project Harpie warned NFT users of a

Read More
20 Dec 2022

Sophisticated DarkTortilla Malware Serves Imposter Cisco, Grammarly Pages

Security researchers have identified two phishing threats impersonating Cisco and Grammarly. Both phishing operations consist of illegitimate webpages directing users to malware known to researchers as DarkTortilla. The .NET based malware can be configured to deliver various payloads and is known for its several functions that render it extremely stealthy

Read More
15 Dec 2022

AgentTesla Remains Most Prolific Malware in November, Emotet and Qbot Grow

According to a recent report released by Check Point Research detailing the most prolific malware in November 2022, Emotet has returned as one of the most prevalent malware strains identified in the wild. The Trojan Qbot also made the list, for the first time since 2021. Check Point also found

Read More