New Campaign Uses Remcos RAT to Exploit Victims
See how threat actors have abused Remcos to collect sensitive information from victims and remotely control their computers to perform further malicious acts.
New macOS malware HZ RAT lets attackers control Macs remotely
It lets attackers control Macs remotely.
New Hunters International RAT identified by Quorum Cyber
During a recent ransomware incident investigated by the Quorum Cyber Incident Response team, novel malware was identified previously unknown.
Rafel RAT, Android Malware from Espionage to Ransomware Operations
Android, Google’s most popular mobile operating system, powers billions of smartphones and tablets globally. Known for its open-source nature and flexibility, Android offers users a wide array of features, customization options, and access to a vast ecosystem of applications through the Google Play Store and other sources. However, with its widespread adoption and open environment comes the risk of malicious activity. Android malware, a malicious software designed to target Android devices, poses a significant threat to users’ privacy, security, and data integrity. These malicious programs come in various forms, including viruses, Trojans, ransomware, spyware, and adware, and they can infiltrate devices through multiple vectors, such as app downloads, malicious websites, phishing attacks, and even system vulnerabilities.
Hackers phish finance orgs using trojanized Minesweeper clone
Hackers are utilizing code from a Python clone of Microsoft's venerable Minesweeper game to hide malicious scripts in attacks on European and US financial organizations.
Woody RAT: A new feature-rich malware spotted in the wild
The Malwarebytes Threat Intelligence team has discovered a new Remote Access Trojan that we dubbed Woody Rat used to target Russian entities.
Iranian linked conglomerate MuddyWater comprised of regionally focused subgroups
Cisco Talos has observed new cyber attacks targeting Turkey and other Asian countries we believe with high confidence are from groups operating under the MuddyWater umbrella of APT groups. U.S. Cyber Command recently connected MuddyWater to Iran's Ministry of Intelligence and Security (MOIS).
Backdoor RAT for Windows, macOS, and Linux went undetected until now | Ars Technica
Never-before-seen, cross-platform SysJoker came from an "advanced threat actor."
Woody RAT: A new feature-rich malware spotted in the wild
The Malwarebytes Threat Intelligence team has discovered a new Remote Access Trojan that we dubbed Woody Rat used to target Russian entities.
Iranian linked conglomerate MuddyWater comprised of regionally focused subgroups
Cisco Talos has observed new cyber attacks targeting Turkey and other Asian countries we believe with high confidence are from groups operating under the MuddyWater umbrella of APT groups. U.S. Cyber Command recently connected MuddyWater to Iran's Ministry of Intelligence and Security (MOIS).
Backdoor RAT for Windows, macOS, and Linux went undetected until now | Ars Technica
Never-before-seen, cross-platform SysJoker came from an "advanced threat actor."
Woody RAT: A new feature-rich malware spotted in the wild
The Malwarebytes Threat Intelligence team has discovered a new Remote Access Trojan that we dubbed Woody Rat used to target Russian entities.
Iranian linked conglomerate MuddyWater comprised of regionally focused subgroups
Cisco Talos has observed new cyber attacks targeting Turkey and other Asian countries we believe with high confidence are from groups operating under the MuddyWater umbrella of APT groups. U.S. Cyber Command recently connected MuddyWater to Iran's Ministry of Intelligence and Security (MOIS).
Backdoor RAT for Windows, macOS, and Linux went undetected until now | Ars Technica
Never-before-seen, cross-platform SysJoker came from an "advanced threat actor."
RATs Distributed Through Skype, Zoom, & Google Meet Lures
Threat actors are creating and using fake Skype, Zoom, and Google Meet pages to spread RATs.
Woody RAT: A new feature-rich malware spotted in the wild
The Malwarebytes Threat Intelligence team has discovered a new Remote Access Trojan that we dubbed Woody Rat used to target Russian entities.
Iranian linked conglomerate MuddyWater comprised of regionally focused subgroups
Cisco Talos has observed new cyber attacks targeting Turkey and other Asian countries we believe with high confidence are from groups operating under the MuddyWater umbrella of APT groups. U.S. Cyber Command recently connected MuddyWater to Iran's Ministry of Intelligence and Security (MOIS).
Backdoor RAT for Windows, macOS, and Linux went undetected until now | Ars Technica
Never-before-seen, cross-platform SysJoker came from an "advanced threat actor."
International Cybercrime Malware Service Dismantled by Federal Authorities: Key Malware Sales and Support Actors in Malta and Nigeria Charged in Federal Indictments
The Justice Department announced today that, as part of an international law enforcement effort, federal authorities in Boston seized internet domains that were used to sell computer malware used by cybercriminals to secretly access and steal data from victims’ computers. Federal authorities in Atlanta and Boston also unsealed indictments charging individuals in Malta and Nigeria, respectively, for their alleged involvement in selling the malware and supporting cybercriminals seeking to use the malware for malicious purposes.
BattleRoyal, DarkGate Cluster Spreads via Email and Fake Browser Updates
Overview Throughout the summer and fall of 2023, DarkGate entered the ring competing for the top spot in the remote access trojan (RAT) and loader category. It was observed in use by multiple cybe...
Woody RAT: A new feature-rich malware spotted in the wild
The Malwarebytes Threat Intelligence team has discovered a new Remote Access Trojan that we dubbed Woody Rat used to target Russian entities.
Iranian linked conglomerate MuddyWater comprised of regionally focused subgroups
Cisco Talos has observed new cyber attacks targeting Turkey and other Asian countries we believe with high confidence are from groups operating under the MuddyWater umbrella of APT groups. U.S. Cyber Command recently connected MuddyWater to Iran's Ministry of Intelligence and Security (MOIS).
Backdoor RAT for Windows, macOS, and Linux went undetected until now | Ars Technica
Never-before-seen, cross-platform SysJoker came from an "advanced threat actor."
Woody RAT: A new feature-rich malware spotted in the wild
The Malwarebytes Threat Intelligence team has discovered a new Remote Access Trojan that we dubbed Woody Rat used to target Russian entities.
Iranian linked conglomerate MuddyWater comprised of regionally focused subgroups
Cisco Talos has observed new cyber attacks targeting Turkey and other Asian countries we believe with high confidence are from groups operating under the MuddyWater umbrella of APT groups. U.S. Cyber Command recently connected MuddyWater to Iran's Ministry of Intelligence and Security (MOIS).
Backdoor RAT for Windows, macOS, and Linux went undetected until now | Ars Technica
Never-before-seen, cross-platform SysJoker came from an "advanced threat actor."
AVrecon malware infects 70,000 Linux routers to build botnet
Since at least May 2021, stealthy Linux malware called AVrecon was used to infect over 70,000 Linux-based small office/home office (SOHO) routers and add them to a botnet designed to steal bandwidth and provide a hidden residential proxy service.
Woody RAT: A new feature-rich malware spotted in the wild
The Malwarebytes Threat Intelligence team has discovered a new Remote Access Trojan that we dubbed Woody Rat used to target Russian entities.
Iranian linked conglomerate MuddyWater comprised of regionally focused subgroups
Cisco Talos has observed new cyber attacks targeting Turkey and other Asian countries we believe with high confidence are from groups operating under the MuddyWater umbrella of APT groups. U.S. Cyber Command recently connected MuddyWater to Iran's Ministry of Intelligence and Security (MOIS).
Backdoor RAT for Windows, macOS, and Linux went undetected until now | Ars Technica
Never-before-seen, cross-platform SysJoker came from an "advanced threat actor."