From Origins to Operations: Understanding Black Basta Ransomware
Explore the rise of Black Basta as a top ransomware threat, their sophisticated tactics, notable attacks, and future implications for cybersecurity.
New “Goldoon” Botnet Targeting D-Link Devices
FortiGuard Labs discovered the new botnet “Goldoon” targeting D-Link devices through related vulnerability CVE-2015-2051.
Phishers who breached Twilio and targeted Cloudflare could easily get you, too
Unusually resourced threat actor has targeted multiple companies in recent days.
SEKOIA.IO Mid-2022 Ransomware Threat Landscape
SEKOIA.IO presents its Ransomware threat landscape for the first semester of 2022, with the following key points: Ransomware victimology – recent evolutions A busy first half of the year – several newcomers in the ransomware neighborhood Cross-platform ransomware features trend New extortion techniques State-nexus groups carrying out ransomware campaigns Ransomware threat groups’ Dark Web activities * A shift towards extortion without encryption?
Ransomware review: June 2022
LockBit remained the most active threat in June, and “the costliest strain of ransomware ever documented” went dark while others surged.
ASyncRat surpasses Dridex, TrickBot and Emotet to become dominant email threat
Earlier this year Malwarebytes released its 2022 Threat Review, a review of the most important threats and cybersecurity trends of 2021, and what they could mean for 2022. Among other things it covers the year’s alarming rebound in malware detections, and a significant shift in the balance of email threats.
An update on the threat landscape
Online security is extremely important for people in Ukraine and the surrounding region right now. Government agencies, independent newspapers and public service providers need it to function and individuals need to communicate safely. Google’s Threat Analysis Group (TAG) has been working around the clock, focusing on the safety and security of our users and the platforms that help them access and share important information.
Phishers who breached Twilio and targeted Cloudflare could easily get you, too
Unusually resourced threat actor has targeted multiple companies in recent days.
SEKOIA.IO Mid-2022 Ransomware Threat Landscape
SEKOIA.IO presents its Ransomware threat landscape for the first semester of 2022, with the following key points: Ransomware victimology – recent evolutions A busy first half of the year – several newcomers in the ransomware neighborhood Cross-platform ransomware features trend New extortion techniques State-nexus groups carrying out ransomware campaigns Ransomware threat groups’ Dark Web activities * A shift towards extortion without encryption?
Ransomware review: June 2022
LockBit remained the most active threat in June, and “the costliest strain of ransomware ever documented” went dark while others surged.
ASyncRat surpasses Dridex, TrickBot and Emotet to become dominant email threat
Earlier this year Malwarebytes released its 2022 Threat Review, a review of the most important threats and cybersecurity trends of 2021, and what they could mean for 2022. Among other things it covers the year’s alarming rebound in malware detections, and a significant shift in the balance of email threats.
An update on the threat landscape
Online security is extremely important for people in Ukraine and the surrounding region right now. Government agencies, independent newspapers and public service providers need it to function and individuals need to communicate safely. Google’s Threat Analysis Group (TAG) has been working around the clock, focusing on the safety and security of our users and the platforms that help them access and share important information.
As Threats in Space Mount, U.S. Lags in Protecting Key Services
The United States and China are locked in a new race, in space and on Earth, over a fundamental resource: time itself. And the United States is losing. Global positioning satellites serve as clocks in the sky, and their signals have become fundamental to the global economy — as essential for telecommunications, 911 services and financial exchanges as they are for drivers and lost pedestrians.
Phishers who breached Twilio and targeted Cloudflare could easily get you, too
Unusually resourced threat actor has targeted multiple companies in recent days.
SEKOIA.IO Mid-2022 Ransomware Threat Landscape
SEKOIA.IO presents its Ransomware threat landscape for the first semester of 2022, with the following key points: Ransomware victimology – recent evolutions A busy first half of the year – several newcomers in the ransomware neighborhood Cross-platform ransomware features trend New extortion techniques State-nexus groups carrying out ransomware campaigns Ransomware threat groups’ Dark Web activities * A shift towards extortion without encryption?
Ransomware review: June 2022
LockBit remained the most active threat in June, and “the costliest strain of ransomware ever documented” went dark while others surged.
ASyncRat surpasses Dridex, TrickBot and Emotet to become dominant email threat
Earlier this year Malwarebytes released its 2022 Threat Review, a review of the most important threats and cybersecurity trends of 2021, and what they could mean for 2022. Among other things it covers the year’s alarming rebound in malware detections, and a significant shift in the balance of email threats.
An update on the threat landscape
Online security is extremely important for people in Ukraine and the surrounding region right now. Government agencies, independent newspapers and public service providers need it to function and individuals need to communicate safely. Google’s Threat Analysis Group (TAG) has been working around the clock, focusing on the safety and security of our users and the platforms that help them access and share important information.
Bigpanzi Exposed: The Hidden Cyber Threat Behind Your Set-Top Box
Some time ago, we intercepted a dubious ELF sample exhibiting zero detection on VirusTotal. This sample, named pandoraspear and employing a modified UPX shell, has an MD5 signature of 9a1a6d484297a4e5d6249253f216ed69. Our analysis revealed that it hardcoded nine C2 domain names, two of which had lapsed beyond their expiration protection period. We seized this opportunity to register these domains to gauge the botnet's scale. At its peak, we noted approximately 170,000 daily active bots, predominantly in Brazil.employing a modified UPX shell, has an MD5 signature of 9a1a6d484297a4e5d6249253f216ed69. Our analysis revealed that it hardcoded nine C2 domain names, two of which had lapsed beyond their expiration protection
Phishers who breached Twilio and targeted Cloudflare could easily get you, too
Unusually resourced threat actor has targeted multiple companies in recent days.
SEKOIA.IO Mid-2022 Ransomware Threat Landscape
SEKOIA.IO presents its Ransomware threat landscape for the first semester of 2022, with the following key points: Ransomware victimology – recent evolutions A busy first half of the year – several newcomers in the ransomware neighborhood Cross-platform ransomware features trend New extortion techniques State-nexus groups carrying out ransomware campaigns Ransomware threat groups’ Dark Web activities * A shift towards extortion without encryption?
Ransomware review: June 2022
LockBit remained the most active threat in June, and “the costliest strain of ransomware ever documented” went dark while others surged.
ASyncRat surpasses Dridex, TrickBot and Emotet to become dominant email threat
Earlier this year Malwarebytes released its 2022 Threat Review, a review of the most important threats and cybersecurity trends of 2021, and what they could mean for 2022. Among other things it covers the year’s alarming rebound in malware detections, and a significant shift in the balance of email threats.
An update on the threat landscape
Online security is extremely important for people in Ukraine and the surrounding region right now. Government agencies, independent newspapers and public service providers need it to function and individuals need to communicate safely. Google’s Threat Analysis Group (TAG) has been working around the clock, focusing on the safety and security of our users and the platforms that help them access and share important information.
Star Blizzard increases sophistication and evasion in ongoing attacks
Microsoft Threat Intelligence continues to track and disrupt malicious activity attributed to a Russian state-sponsored actor we track as Star Blizzard, who has improved their detection evasion capabilities since 2022 while remaining focused on email credential theft against targets.
Phishers who breached Twilio and targeted Cloudflare could easily get you, too
Unusually resourced threat actor has targeted multiple companies in recent days.
SEKOIA.IO Mid-2022 Ransomware Threat Landscape
SEKOIA.IO presents its Ransomware threat landscape for the first semester of 2022, with the following key points: Ransomware victimology – recent evolutions A busy first half of the year – several newcomers in the ransomware neighborhood Cross-platform ransomware features trend New extortion techniques State-nexus groups carrying out ransomware campaigns Ransomware threat groups’ Dark Web activities * A shift towards extortion without encryption?
Ransomware review: June 2022
LockBit remained the most active threat in June, and “the costliest strain of ransomware ever documented” went dark while others surged.
ASyncRat surpasses Dridex, TrickBot and Emotet to become dominant email threat
Earlier this year Malwarebytes released its 2022 Threat Review, a review of the most important threats and cybersecurity trends of 2021, and what they could mean for 2022. Among other things it covers the year’s alarming rebound in malware detections, and a significant shift in the balance of email threats.
An update on the threat landscape
Online security is extremely important for people in Ukraine and the surrounding region right now. Government agencies, independent newspapers and public service providers need it to function and individuals need to communicate safely. Google’s Threat Analysis Group (TAG) has been working around the clock, focusing on the safety and security of our users and the platforms that help them access and share important information.