
The Cyber Security Blog
Cyber attacks, malware, CVEs and more.


Targeted attack on industrial enterprises and public institutions
In January 2022, Kaspersky ICS CERT experts detected a wave of targeted attacks on military industrial complex enterprises and public...
Aug 9, 2022 - 1 min read


BumbleBee Roasts Its Way to Domain Admin
A look back at some of the key moments in an intrusion from April 2022, when the BumbleBee malware loader was used to access a...
Aug 9, 2022 - 1 min read


Likely Iranian Threat Actor Conducts Politically Motivated Disruptive Activity Against Albanian Gov
Researchers identified the ROADSWEEP ransomware family and a Telegram persona which targeted the Albanian government in a politically...
Aug 5, 2022 - 1 min read


So RapperBot, What Ya Bruting For?
Researchers have been tracking a rapidly evolving IoT malware family known as “RapperBot” since mid-June 2022. This family borrows...
Aug 5, 2022 - 1 min read


The DGA family Orchard continues to change
A domain generation algorithm (DGA) is a classic technique botnets use to evade detection and takedown. The principle is to run a DGA algorithm, combined with a specific seed,...
Aug 5, 2022 - 1 min read
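The teaser above only states the DGA principle (shared algorithm plus shared seed), so here is a worked illustration, added to this page and not taken from the Orchard report or from any Orchard sample: a generic date-seeded DGA of the kind described, followed by the defender-side counterpart, which precomputes the domains for a window of days once algorithm and seed are known and matches them against DNS query logs. The seed string, the SHA-256 labelling scheme, the TLD list, the log format and the sample log lines are all constructed assumptions for the example.

```python
import hashlib
from datetime import date, timedelta

# Assumptions for this example (not Orchard's real parameters):
TLDS = ("com", "net", "org")     # candidate TLDs rotated per domain
SEED = "example-seed"            # secret shared by bot and operator
TODAY = date(2022, 8, 5)         # constructed "current" date


def dga_domains(seed: str, day: date, count: int = 5) -> list[str]:
    """Derive `count` candidate C2 domains from the seed plus the date.

    Both the bot and its operator can run this deterministically: the
    operator registers one of the candidates for that day, the bot
    resolves them in order until one answers.
    """
    out = []
    for i in range(count):
        material = f"{seed}|{day.isoformat()}|{i}".encode()
        digest = hashlib.sha256(material).hexdigest()
        label = digest[:12]          # looks random, is fully reproducible
        out.append(f"{label}.{TLDS[i % len(TLDS)]}")
    return out


def precompute(seed: str, start: date, days: int) -> set[str]:
    """Defender side: once the algorithm and seed are recovered from a
    sample, emit every domain the bot will try over the next `days` days
    so they can be sinkholed or added to a DNS blocklist."""
    block: set[str] = set()
    for d in range(days):
        block.update(dga_domains(seed, start + timedelta(days=d)))
    return block


def match_dns_log(lines: list[str], blocklist: set[str]) -> list[tuple[str, str]]:
    """Return (client_ip, qname) for every query that hits the blocklist.

    Assumed log format: "<timestamp> <client_ip> query <qname>" where the
    qname may carry a trailing dot and arbitrary case.
    """
    hits = []
    for line in lines:
        parts = line.split()
        if len(parts) >= 4 and parts[2] == "query":
            qname = parts[3].rstrip(".").lower()
            if qname in blocklist:
                hits.append((parts[1], qname))
    return hits


# Constructed DNS log: two benign lookups and two DGA lookups, one of them
# upper-cased and one with a trailing dot, to exercise normalisation.
CANDIDATES = dga_domains(SEED, TODAY)
SAMPLE_LOG = [
    "2022-08-05T10:00:01Z 10.0.0.12 query www.example.com.",
    f"2022-08-05T10:00:02Z 10.0.0.12 query {CANDIDATES[0]}.",
    f"2022-08-05T10:00:03Z 10.0.0.25 query {CANDIDATES[3].upper()}",
    "2022-08-05T10:00:04Z 10.0.0.30 query mail.example.org.",
]

if __name__ == "__main__":
    window = precompute(SEED, TODAY, 7)
    for ip, name in match_dns_log(SAMPLE_LOG, window):
        print(f"DGA hit from {ip}: {name}")
```

The practical point is the asymmetry: the bot needs only the seed and today's date, but a defender who has reversed the algorithm and extracted the seed can enumerate the whole future window in advance. The Orchard write-up's observation that the family "continues to change" is exactly the counter-move: rotating the algorithm or the seed source invalidates such precomputed lists.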


Flight of the Bumblebee: Email Lures and File Sharing Services Lead to Malware
Among the threat actors distributing Bumblebee is Projector Libra. Also known as EXOTIC LILY, Projector Libra is a criminal group that...
Aug 5, 2022 - 1 min read


Fake Atomic Wallet Website Distributing Mars Stealer
A security researcher has identified a fake Atomic Wallet website distributing Mars Stealer, an information stealer that targets cryptocurrency wallets,...
Aug 4, 2022 - 1 min read


Woody RAT: A new feature-rich malware spotted in the wild
Security researchers identified a new Remote Access Trojan, dubbed Woody RAT, that has been in the wild for at least one year. This...
Aug 4, 2022 - 1 min read


Large-Scale AiTM Attack targeting enterprise users of Microsoft email services
Security researchers discovered a new, large-scale phishing campaign that uses adversary-in-the-middle (AiTM) techniques...
Aug 3, 2022 - 1 min read


Comprehensive Threat Intelligence: Manjusaka: A Chinese sibling of Sliver and Cobalt Strike
Security researchers recently discovered a new attack framework called "Manjusaka" being used in the wild that has the potential to...
Aug 3, 2022 - 1 min read


SolidBit Ransomware Enters the RaaS Scene and Takes Aim at Gamers and Social Media Users.
Security researchers recently analyzed a sample of a new SolidBit ransomware variant that targets users of popular video games and social...
Aug 3, 2022 - 1 min read


Raccoon Stealer v2: The Latest Generation of the Raccoon Family
Raccoon is a malware family that has been sold as malware-as-a-service on underground forums since early 2019. In early July 2022, a new...
Aug 2, 2022 - 1 min read


Stealthy Nation-State BPFDoor
BPFDoor is a Linux/Unix backdoor that allows threat actors to remotely connect to a Linux shell to gain complete access to a compromised...
Aug 2, 2022 - 1 min read


Threat analysis: Follina exploit fuels 'living-off-the-land' attacks
An analysis of three in-the-wild payloads delivered using the recently discovered Follina exploit shows how attackers can use it to...
Aug 1, 2022 - 1 min read


Analysis of Malicious Android Software Spread by Sidewinder (APT-Q-39) Using Google Play
Security researchers captured a batch of Android attack samples suspected to belong to the SideWinder group. SideWinder (APT-Q-39, also...
Aug 1, 2022 - 1 min read


New HiddenAds malware affects 1M+ users and hides on the Google Play Store
Security researchers identified new malware on the Google Play Store. The malware hides itself and continuously shows advertisements to victims....
Aug 1, 2022 - 1 min read


Inside Matanbuchus: A Quirky Loader
Matanbuchus is a malware-as-a-service loader that has been sold on underground markets for more than a year, but can also be rented to...
Jul 29, 2022 - 1 min read


Untangling KNOTWEED: European private-sector offensive actor using 0-day exploits
A European private-sector offensive actor (PSOA) has developed malware used in a series of targeted attacks against Microsoft customers...
Jul 29, 2022 - 1 min read


Green Stone
A few days ago InQuest discovered a very interesting sample that was uploaded from Iran. The document is a contract for the supply of...
Jul 29, 2022 - 1 min read


Gootkit Loader’s Updated Tactics and Fileless Delivery of Cobalt Strike
Gootkit has been known to use fileless techniques to drop Cobalt Strike and other malicious payloads. Insights from a recent attack...
Jul 29, 2022 - 1 min read
