Cyber Security News

Lazarus Still Determined to Steal Your Crypto

The North Korean state-sponsored threat actor Lazarus has long brought the definitions used by security researchers into doubt. Typically, state-sponsored groups are not financially motivated but motivated by the policies and aims of their state overlords. Lazarus is both in a sense that not onl

Israeli Spyware Firm Seen Exploiting Chrome Zero-Day

Israeli-made spyware is again in the headlines. The last fallout resulted from the NSO Group’s use of Pegasus, which was used to track politicians, journalists, political dissidents, and political rivals, as long as the customer could pay for the service. As to the vetting of customers, it could be a

New Cryptomining Botnet Enslaves 30,000 Cloud Hosts

Crypto miners, namely malware that is designed to mine cryptocurrency using a victim's machine and resources without their knowledge, often fly under the radar in terms of press coverage. They lack the fear ransomware can induce when you and all your work colleagues are locked out of a network or ma

Raccoon Stealer 2.0 Emerges

The last time Raccoon Stealer made headlines was when its developers announced that they were ceasing operations following the war in Ukraine, more on this below. The last time this publication covered the malware was when its developers added features to target cryptocurrency wallets. Now, Raccoon St

Bug Bounties are not just for Legitimate Operations

For some time now, major tech companies have offered monetary rewards to those who find flaws that lead to zero-day vulnerabilities within the company's product code. Often referred to as bug bounties, they can net the finder thousands of dollars, more if the vulnerability is determined to be severe o

Matanbuchus Malware Now Dropping Cobalt Strike Beacons

Researchers have discovered a new spam email campaign dropping the Matanbuchus malware, which then drops Cobalt Strike beacons. This is far from the first time we have seen other malware strains dropping Cobalt Strike beacons; previously we have seen Emotet doing almost the same thing. Just

Unpatched Confluence Servers Targeted by Ransomware Gangs

Ransomware gangs are now targeting unpatched Confluence servers. This active targeting is due to a recently disclosed vulnerability that allows the attacker to execute code remotely if properly exploited. Following several proof-of-concept exploits of the vulnerability that were leaked to the public

New Linux Malware is a Nightmare to Detect

Malware targeting the Linux operating system often goes under-reported as the perception still prevails that Linux is one of the smaller players in the Operating System (OS) landscape behind Microsoft’s Windows and Apple's macOS. Such perceptions tend to ignore the fact that Linux makes up large por

Ransomware Gang Evolves Double Extortion Tactic

Towards the end of 2019 ransomware gangs began to apply a new tactic to further place pressure on corporate victims to pay the ransom. The tactic became known as double extortion due to ransomware operators threatening, and in many cases releasing, sensitive data stolen before files across the IT in