The APT37 threat group uses a new evasive ‘M2RAT’ malware and steganography to target individuals for intelligence collection. APT37, aka ‘RedEyes’ or ‘ScarCruft,’ is a North Korean cyber espionage hacking group believed to be state-supported.
The North Korean Lazarus APT group has laundered over $100 million in cryptocurrency since October 2022 through a single new crypto mixer named Sinbad, blockchain analysts have found. Last year, the U.S. Treasury’s Office of Foreign Assets Control (OFAC) imposed sanctions against these mixing services. Since then, it is suspected that Lazarus has shifted to […]
Basically, a client sends a request to a server via a compromised data-transfer channel. This channel isn’t controlled by the cybercriminals, but it is “listened to” by them.
Cybersecurity researchers have unearthed a new piece of evasive malware dubbed Beep that’s designed to fly under the radar and drop additional payloads onto a compromised host.
Much like other cyberattacks, malicious actors carry out SQL injection attacks in various stages across the attack life cycle. During an SQL injection attack specifically, attackers use a wide variety of techniques to gain access to their targets.
Microsoft researchers released in-depth analyses of the threat ecology of the Russian-affiliated Nobelium group and how it exploited MagicWeb to perform a complex authentication bypass for Active Directory Federated Services (AD FS). Microsoft first spotted MagicWeb in August 2022, when a Microsoft customer fell victim to a post-compromise capability of MagicWeb.
Recently, Kaspersky researchers shared with VPNOverview details of two separate campaigns — a scam designed to inject PCs with malware and a phishing ploy designed to steal banking information and other financial data.
Hackers are sending phishing messages tailored to their intended targets by language and location via a geotargeting tool known as Geo Targetly, according to Avanan. The threat actors have been following the spray-and-pray technique that ensures they can target a massive number of individuals in one go. As phishing attacks keep evolving, organizations and individuals should […]
In January, cybersecurity company Sonatype said it found 691 malicious npm packages and 49 malicious PyPI components containing crypto-miners, remote access Trojans (RATs), and more.
A new joint advisory warns of North Korean hackers who are involved in ongoing ransomware attacks against healthcare systems in South Korea and the U.S. According to the advisory, the modus operandi of the attacks includes North Korean hackers acquiring and purchasing infrastructure to conceal their identities. The cybersecurity agencies have shared a list of recommendations […]