
The Cyber Security Blog
Cyber Attacks, Malware, CVEs and more.


LV Ransomware Exploits ProxyShell in Attack on a Jordan-based Company
TrendMicro's blog entry provides a look at an attack involving the LV ransomware on a Jordan-based company from an intrusion analysis...
Oct 31, 2022 · 1 min read


Exbyte: BlackByte Ransomware Attackers Deploy New Exfiltration Tool
Symantec’s Threat Hunter Team has discovered that at least one affiliate of the BlackByte ransomware (Ransom.Blackbyte) operation has...
Oct 31, 2022 · 1 min read


Broken Dreams and Piggy Banks: Pig Butchering Crypto Fraud Growing Online
Proofpoint tracks multiple threats known as Sha Zhu Pan, or “Pig Butchering” threats. These are confidence-based threats similar to...
Oct 25, 2022 · 1 min read


#StopRansomware: Daixin Team
The Daixin Team is a ransomware and data extortion group that has targeted the HPH Sector with ransomware and data extortion operations...
Oct 25, 2022 · 1 min read


GuLoader Malware Disguised as a Word File Being Distributed in Korea
The ASEC analysis team has discovered that the GuLoader malware is being distributed to Korean corporate users. GuLoader is a downloader...
Oct 25, 2022 · 1 min read


sczriptzzbn inject pushes malware for NetSupport RAT
A campaign nicknamed "sczriptzzbn inject" can be identified by script using a variable named sczriptzzbn injected into files returned...
Oct 21, 2022 · 1 min read


Ukrainian Military-Themed Excel File Delivers Multi-Stage Cobalt Strike Loader
A Ukrainian military-themed Excel file loaded with malicious macro code is used to launch multi-stage Cobalt Strike Beacon malware on...
Oct 20, 2022 · 1 min read


New “Prestige” ransomware impacts organizations in Ukraine and Poland
The Microsoft Threat Intelligence Center (MSTIC) has identified evidence of a novel ransomware campaign targeting organizations in the...
Oct 20, 2022 · 1 min read


Deep Analysis of Snake Keylogger
Snake Keylogger is a malware developed using .NET. It’s focused on stealing sensitive information from a victim’s device, including saved...
Oct 13, 2022 · 1 min read


Cryptojacking campaign detected in the wild
Cryptojacking campaign in which the attackers exploit known DLL Side-Loading vulnerabilities in Microsoft OneDrive. REFERENCE:...
Oct 13, 2022 · 1 min read


MSSQL, meet Maggie
A novel backdoor malware targeting Microsoft’s MSSQL servers has been identified by DCSO CyTec, a security firm based in Hong Kong, and...
Oct 7, 2022 · 1 min read


Bumblebee: increasing its capacity and evolving its TTPs
The spring of 2022 saw a spike in activity of Bumblebee loader, a recent threat that has garnered a lot of attention due to its many...
Oct 5, 2022 · 1 min read


Amazon-themed campaigns of Lazarus in the Netherlands and Belgium
ESET researchers have discovered Lazarus attacks against targets in the Netherlands and Belgium that use spearphishing emails connected...
Oct 5, 2022 · 1 min read


CrowdStrike Falcon Platform Identifies Supply Chain Attack via a Trojanized Comm100 Chat Installer
CrowdStrike has identified a new supply chain attack during the installation of a chat-based customer engagement platform, the Comm100...
Oct 5, 2022 · 1 min read


Malicious Tor Browser spreads through YouTube
A malicious Tor Browser installer distributed through a popular Chinese-language YouTube channel is the target of a multi-million dollar...
Oct 5, 2022 · 1 min read


New attack campaign utilized a new 0-day RCE vulnerability on Microsoft Exchange Server
Around the beginning of August 2022, while doing security monitoring & incident response services, security researchers discovered that a...
Oct 5, 2022 · 1 min read


Bad VIB(E)s Part One: Investigating Novel Malware Persistence Within ESXi Hypervisors
Earlier this year, researchers identified a novel malware ecosystem impacting VMware ESXi, Linux vCenter servers, and Windows virtual...
Oct 5, 2022 · 1 min read


DeftTorero TTPs in 2019–2021
The tactics, techniques and procedures of the DeftTorero cyber-attack developed in the Middle East. REFERENCE:...
Oct 3, 2022 · 1 min read


Lazarus ‘Operation In(ter)ception’ Targets macOS Users Dreaming of Jobs in Crypto
Back in August, researchers spotted an instance of Operation In(ter)ception using lures for job vacancies at cryptocurrency exchange...
Oct 3, 2022 · 1 min read


Witchetty: Group Uses Updated Toolset in Attacks on Governments in Middle East
The Witchetty espionage group (aka LookingFrog) has been progressively updating its toolset, using new malware in attacks on targets in...
Oct 3, 2022 · 1 min read
