It is operated by a group tracked under the intrusion set “Water Roc”. This group combines advanced techniques with legitimate tools, making its activity harder to detect and respond to before it is too late.
Several threat actors are increasingly writing malicious code in GoLang. Recently, the PYSA group was found deploying ChaChi, a remote access trojan written in Go.
When Microsoft observed the rootkit, it was found to communicate with Chinese C2 IPs belonging to a company that the US Department of Defense labeled as “Communist Chinese Military”.
A report from Aqua Security’s Team Nautilus reveals that attacks targeting companies’ container infrastructure, including Docker images, have climbed nearly 600% in a year.
Cisco first disclosed the vulnerability and issued a fix in October 2020. However, the initial patch for CVE-2020-3580 was incomplete, and a further fix was released in April 2021.
A new variant of the IcedID banking trojan has been discovered that spreads via two new spam campaigns. These campaigns are hitting more than 100 detections a day. The best way to stay protected from such threats is to stay alert while receiving emails from unknown senders.
Drata Inc., a new startup working to make it easier for companies to comply with cybersecurity standards, today announced that it has raised a $25 million funding round led by GGV Capital.
Threat monitoring and identity access management provider FYEO on Wednesday announced that it emerged from stealth mode with the acquisition of threat intelligence company Intelliagg.
It has done so by hiding its malware in pirated and cracked copies of popular software, Daniel Beneš, a malware analyst for antivirus maker Avast, said in a report today.
A group of bipartisan lawmakers introduced legislation to step up cybersecurity literacy and increase awareness among the American public amid a spike in cyberthreats against critical infrastructure.