Cyble Honeypot Sensors Detect WordPress Plugin Attack, New Banking Trojan
WordPress plugins are under active attack, a new banking trojan is spreading, and phishing and brute-force attacks continue unabated.
Widespread Cloud Exposure: Extortion Campaign Used Exposed AWS ENV Files To Target 110,000 Domains
A cloud extortion campaign exploited misconfigured AWS .env files to target 110,000 domains, stealing credentials and ransoming cloud storage data.
Threat Actors Capitalize On ServiceNow Vulnerability
Cyble observes how Dark Web forums reveal ServiceNow users falling victim to a Remote Code Execution vulnerability, which exposes sensitive data & escalates risks across sectors.
A closer look at Eternity Malware
In this analysis, Cyble looks at the Eternity Malware suite, listing a wide variety of malware for sale on Telegram.
Dissecting Saintstealer
Cyble Analyzes Saintstealer, an infostealer using a C&C server with known links to other popular infostealers.
LOCKBIT Black's Legacy: Unraveling The DragonForce Ransomware Connection - Cyble
CRIL investigates DragonForce Ransomware and its links to a leaked LOCKBIT Builder.
A closer look at Eternity Malware
In this analysis, Cyble looks at the Eternity Malware suite, listing a wide variety of malware for sale on Telegram.
Dissecting Saintstealer
Cyble Analyzes Saintstealer, an infostealer using a C&C server with known links to other popular infostealers.
A closer look at Eternity Malware
In this analysis, Cyble looks at the Eternity Malware suite, listing a wide variety of malware for sale on Telegram.
Dissecting Saintstealer
Cyble Analyzes Saintstealer, an infostealer using a C&C server with known links to other popular infostealers.
A closer look at Eternity Malware
In this analysis, Cyble looks at the Eternity Malware suite, listing a wide variety of malware for sale on Telegram.
Dissecting Saintstealer
Cyble Analyzes Saintstealer, an infostealer using a C&C server with known links to other popular infostealers.
Vulnerable Fortinet Devices: Low-hanging Fruit for Threat Actors
Cyble analyzes the increasing incidences of vulnerabilities in Fortinet, highlighting the impact they have on Critical Infrastructure.
A closer look at Eternity Malware
In this analysis, Cyble looks at the Eternity Malware suite, listing a wide variety of malware for sale on Telegram.
Dissecting Saintstealer
Cyble Analyzes Saintstealer, an infostealer using a C&C server with known links to other popular infostealers.
A closer look at Eternity Malware
In this analysis, Cyble looks at the Eternity Malware suite, listing a wide variety of malware for sale on Telegram.
Dissecting Saintstealer
Cyble Analyzes Saintstealer, an infostealer using a C&C server with known links to other popular infostealers.
Akira Ransomware Extends Reach to Linux Platform
Cyble Research & Intelligence Labs examines the Linux variant of Akira Ransomware and assesses its impact on various sectors.
A closer look at Eternity Malware
In this analysis, Cyble looks at the Eternity Malware suite, listing a wide variety of malware for sale on Telegram.
Dissecting Saintstealer
Cyble Analyzes Saintstealer, an infostealer using a C&C server with known links to other popular infostealers.
Unmasking the Darkrace Ransomware Gang
Cyble analyses Darkrace Ransomware, a new ransomware group shares similarities with infamous LockBit Ransomware.
Cyble — Threat Actor Selling New Atomic macOS (AMOS) Stealer on Telegram
CRIL analyzes AMOS, a stealthy new information stealer targeting macOS and disseminating stolen information via Telegram.
Cyble — Demystifying Money Message Ransomware
CRIL analyses the anatomy of a new ransomware group named Money Message, which can encrypt network shares and target both Windows and Linux.
Cyble — New Cylance Ransomware with Power-Packed CommandLine Options
CRIL analyzes Cylance, a new Ransomware variant that uses command-line options to target both Windows and Linux users.
Cyble — Cl0p Ransomware: Active Threat Plaguing Businesses Worldwide
Cyble Research & Intelligence Labs analyzes Cl0p ransomware which is rapidly gaining attention for its success in extorting businesses.
Creal: New Stealer Targeting Cryptocurrency Users Via Phishing Sites
Open-Source Stealer Widely Abused by Threat Actors The threat of InfoStealers is widespread and has been frequently employed by various Threat Actors (TA)s to launch attacks and make financial gains. Until now, the primary use of stealers by TAs has been to sell logs or to gain initial entry into a corporate network.
Wave of Arrests Hits Cybercriminals
Cyble reflects on the identification of a forum administrator and two cybercriminals and how it impacts the wider cybercrime ecosystem.
The Growing Threat of ChatGPT-Based Phishing Attacks
Cyble analyzes how Threat Actors are using the recent buzz around ChatGPT to launch Phishing attacks using various methods.
Qakbot's Evolution Continues with New Strategies
Cyble Research & Intelligence Labs analyzes new strategies deployed by Qakbot to infect users via Microsoft OneNote.
‘InTheBox’ Web Injects Targeting Android Banking Applications Worldwide
Cyble analyzes 'InTheBox' as part of its thorough research on Web Injects and their role in targeting Android Banking applications worldwide,