To say that the financially motivated, advanced persistent threat group FIN7 is notorious is an understatement. The Russian-speaking group of hackers has been active since 2013 and primarily focused on financial fraud and stealing credit card details. The group then moved to the ransomware game in a
MuddyWater, also tracked as Earth Vetala, MERCURY, Static Kitten, and Seedworm, is an Iranian state-sponsored threat actor that has been active since 2017. In the past, we have seen the group extensively use zero-day exploits on several separate occasions. The group has also proven highly capable o
On July 2, 2024, Ethereum disclosed that a threat actor compromised Ethereum's mailing list provider and sent to over 35,000 addresses a phishing email with a link to a malicious site running a crypto drainer. Summarizing the attack, Ethereum noted: The threat actor imported a large email l
A banking trojan first discovered in 2020 has made a comeback, according to threat intelligence firm Cleafy. Called Medusa, not to be confused by the ransomware gang or the botnet going by the same name, the malware targets Android devices and is offered as a Malware-as-a-Service to other threat act
According to security researchers based at Trustwave, a sophisticated malware campaign has been detected. The attack campaign abuses the Windows search functionality embedded in HTML code to deploy malware. Researchers found that the threat actors utilize a sophisticated understanding of system vul
England's NHS Blood and Transplant (NHSBT) has issued an urgent call to O Positive and O Negative blood donors to book appointments and donate. This comes as major hospitals in the London area had to cancel operations and blood transfusions after a cyberattack on June 4, 2024. Hospitals were direct
The relatively new ransomware gang RansomHub has been quick to cause waves amongst ransomware researchers. With increased attention comes increased analysis by researchers, who have now discovered possible links to the somewhat out-of-action Knight ransomware. According to a recently published
In a recent press release by Europol, the details of the law enforcement agency's largest-ever operation against botnet infrastructure were released to the public. The main goal of the operation was to target the infrastructure behind some of the Internet's most prolific dropper malware strains: Ic
Security researchers at security firm Check Point Research have discovered a new version of the BiBi wiper malware that now includes destroying disk partition drives, making any recovery process far more complex. Wiper malware is designed to cause permanent damage to both data and hardware, making
In a joint report published by the US Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI), it was stated affiliates associated with the Black Basta have breached the networks of over 500 organizations worldwide. Black Basta was first seen in an