Month: February 2024
Threat Actors Exploit Multiple Vulnerabilities in Ivanti Connect Secure and Policy Secure Gateways
SUMMARY: The Cybersecurity and Infrastructure Security Agency (CISA) and the following partners (hereafter referred to as the authoring organizations) are releasing this joint Cybersecurity Advisory [more…]
#StopRansomware: Phobos Ransomware
SUMMARY: Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware [more…]
European diplomats targeted by SPIKEDWINE with WINELOADER
Zscaler’s ThreatLabz discovered a suspicious PDF file uploaded to VirusTotal from Latvia on January 30th, 2024. This PDF file is masqueraded as an invitation letter [more…]
DCRat: Step-by-Step Analysis in ANY.RUN
We’re super excited to introduce Mizuho (@morimolymoly2 on X) today, a software engineer and malware analyst making their debut on the ANY.RUN blog. In today’s [more…]
A Shadowed Menace: The Escalation of Web API Cyber Attacks in 2024
The landscape of cyber security is continuously evolving, with Web Application Programming Interfaces (APIs) becoming a focal point for cyber attackers. APIs, which facilitate communication [more…]
CACTUS: Analyzing a Coordinated Ransomware Attack on Corporate Networks
Bitdefender Labs recently helped with an investigation that unfortunately aligns with two key predictions we made for 2024: the rapid rise of opportunistic ransomware and [more…]
When Cats Fly: Suspected Iranian Threat Actor UNC1549 Targets Israeli and Middle East Aerospace and Defense Sectors
Today Mandiant is releasing a blog post about suspected Iran-nexus espionage activity targeting the aerospace, aviation, and defense industries in Middle Eastern countries, including Israel [more…]
Xeno RAT: A New Remote Access Trojan with Advance Capabilities
At CYFIRMA, we are dedicated to providing current insights into prevalent threats and strategies utilized by malicious entities, targeting both organizations and individuals. This in-depth [more…]
TimbreStealer campaign targets Mexican users with financial lures
Talos has observed an ongoing phishing spam campaign targeting potential victims in Mexico, luring users to download a new obfuscated information stealer we’re calling TimbreStealer, [more…]
When Stealers Converge: New Variant of Atomic Stealer in the Wild
Here at Bitdefender, we are constantly working on improving detection capabilities for our macOS cyber-security products; part of this effort involves revisiting old (or digging [more…]