BlackTech Targets Tech, Research, and Gov Sectors New ‘Deuterbear’ Tool
Technology, research, and government sectors in the Asia-Pacific region have been targeted by a threat actor called BlackTech as part of a recent cyber attack wave. The intrusions pave the way for an updated version of modular backdoor dubbed Waterbear as well as its enhanced successor referred to as Deuterbear. « Waterbear is known for its complexity, as it
How Attackers Can Own a Business Without Touching the Endpoint
Attackers are increasingly making use of “networkless” attack techniques targeting cloud apps and identities. Here’s how attackers can (and are) compromising organizations – without ever needing to touch the endpoint or conventional networked systems and services. Before getting into the details of the attack techniques being used, let’s discuss why
Hackers Target Middle East Governments with Evasive « CR4T » Backdoor
Government entities in the Middle East have been targeted as part of a previously undocumented campaign to deliver a new backdoor dubbed CR4T. Russian cybersecurity company Kaspersky said it discovered the activity in February 2024, with evidence suggesting that it may have been active since at least a year prior. The campaign has been codenamed
APT44, bras armé cyber de la Russie
Mandiant a attribué un APT à Sandworm, considéré comme le principal groupe cybercriminel à la solde de Moscou.
OfflRouter Malware Evades Detection in Ukraine for Almost a Decade
Select Ukrainian government networks have remained infected with a malware called OfflRouter since 2015. Cisco Talos said its findings are based on an analysis of over 100 confidential documents that were infected with the VBA macro virus and uploaded to the VirusTotal malware scanning platform. « The documents contained VBA code to drop and run an […]
FIN7 Cybercrime Group Targeting U.S. Auto Industry with Carbanak Backdoor
The infamous cybercrime syndicate known as FIN7 has been linked to a spear-phishing campaign targeting the U.S. automotive industry to deliver a known backdoor called Carbanak (aka Anunak). « FIN7 identified employees at the company who worked in the IT department and had higher levels of administrative rights, » the BlackBerry research and intelligence team said in a new […]
Cybersécurité : HarfangLab et Filigran connectent EDR et CTI
Les deux startup proposent un connecteur entre la platefome OpenCTI de Filigran et l’EDR de HarfangLab pour accélérer la détection des menaces et les réponses aux incidents.
How to Conduct Advanced Static Analysis in a Malware Sandbox
Sandboxes are synonymous with dynamic malware analysis. They help to execute malicious files in a safe virtual environment and observe their behavior. However, they also offer plenty of value in terms of static analysis. See these five scenarios where a sandbox can prove to be a useful tool in your investigations. Detecting Threats in PDFs […]
Global Police Operation Disrupts ‘LabHost’ Phishing Service, Over 30 Arrested Worldwide
As many as 37 individuals have been arrested as part of an international crackdown on a cybercrime service called LabHost that has been used by criminal actors to steal personal credentials from victims around the world. Described as one of the largest Phishing-as-a-Service (PhaaS) providers, LabHost offered phishing pages targeting banks, high-profile organizations, and other service
Recover from Ransomware in 5 Minutes—We will Teach You How!
Super Low RPO with Continuous Data Protection:Dial Back to Just Seconds Before an Attack Zerto, a Hewlett Packard Enterprise company, can help you detect and recover from ransomware in near real-time. This solution leverages continuous data protection (CDP) to ensure all workloads have the lowest recovery point objective (RPO) possible. The most valuable thing about […]