Inside the Hoaxcalls Botnet: Both Success and Failure
The DDoS group sets itself apart by using exploits — but it doesn’t always pan out.
Hackers Compromise Cisco Servers Via SaltStack Flaws
Attackers compromised six Cisco VIRL-PE servers that are affected by critical SaltStack vulnerabilities.
Google Location Tracking Lambasted in Arizona Lawsuit
The lawsuit, filed against Google by Arizona’s Attorney General, alleges that the tech giant uses “deceptive and unfair conduct” to obtain users’ location data.
PonyFinal Ransomware Targets Enterprise Servers Then Bides Its Time
Microsoft has warned on a new breed of patient ransomware attacks that lurk in networks for weeks before striking.
Valak Loader Revamped to Rob Microsoft Exchange Servers
Phishing campaigns targeting enterprises in U.S. and Germany have been used to nab enterprise mailing info, passwords and certificates.
The zero-day exploits of Operation WizardOpium
Back in October 2019 we detected a classic watering-hole attack on a North Korea-related news site that exploited a chain of Google Chrome and Microsoft Windows zero-days. While we’ve already published blog posts briefly describing this operation (available here and here), in this blog post we’d like to take a deep technical dive into the…
DoubleGun Group Builds Massive Botnet Using Cloud Services
The latest campaign spread malware via pirate gaming portals.
‘[F]Unicorn’ Ransomware Impersonates Legit COVID-19 Contact-Tracing App
The new malware family was seen pretending to be an official Italian app, called Immuni.
Hackers Sell Data from 26 Million LiveJournal Users on Dark Web
Passwords and other credentials have been listed on Have I Been Pwned as attack rumors circulate.
StrandHogg 2.0 Critical Bug Allows Android App Hijacking
a malicious app installed on a device can hide behind legitimate apps.