China’s ‘Evasive Panda’ APT Spies on Taiwan Targets Across Platforms

July 23, 2024 at 03:59PM

Evasive Panda, also known as Daggerfly, is a Chinese advanced persistent threat (APT) group that targets telecommunications companies, government agencies, NGOs, universities, and private individuals. It has developed malware for various platforms, including Windows, macOS, Android, Linux, and Solaris, showcasing its ambition and diverse capabilities. The group’s continuous development and …

ZLoader Malware Evolves with Anti-Analysis Trick from Zeus Banking Trojan

May 1, 2024 at 07:12AM

The ZLoader malware, which resurfaced after a two-year hiatus, has evolved with new anti-analysis features that make it harder to detect and analyze. It now restricts execution to the infected machine and employs techniques to avoid running on different hosts. Additionally, threat actors are utilizing fraudulent websites to spread malware through …

US, Israel Used Dutch Spy to Launch Stuxnet Malware Against Iran

January 8, 2024 at 03:31PM

Dutch journalists from Volkskrant reported on the $1 billion cost to develop the Stuxnet virus, used against the Iranian nuclear program. They revealed that a Dutch spy facilitated the release of the virus, causing damage to nuclear centrifuges in Natanz and setting back the effort by several years. The engineer …

North Korean Hackers Developing Malware in Dlang Programming Language

December 11, 2023 at 10:12AM

Lazarus, a North Korea-linked hacking group, has been using malware written in Dlang in attacks on organizations in the manufacturing, agriculture, and physical security sectors. Cisco’s Talos security researchers identify Lazarus as the perpetrator of these attacks, which used the NineRAT, DLRAT, and BottomLoader malware families against unpatched systems. The attacks are related …

Russian Pleads Guilty to Role in Developing TrickBot Malware

December 4, 2023 at 10:07AM

Vladimir Dunaev, a Russian citizen, admitted guilt in creating and deploying the TrickBot malware, which resulted in substantial financial losses.

Takeaways from the Meeting Notes:

1. Acknowledgment of Guilty Plea: Vladimir Dunaev, a Russian national, has admitted guilt in his association with the TrickBot malware’s development and deployment.
2. Impact …

TrickBot malware dev pleads guilty, faces 35 years in prison

December 1, 2023 at 04:52PM

A Russian developer pleaded guilty to creating Trickbot malware, which has targeted global institutions since 2016. Arrested in South Korea, Vladimir Dunaev faces up to 35 years in prison. Trickbot, first used for banking credential theft, evolved and was used by cybercrime groups before being disrupted by leaks.

Summary: – Russian …

US readies prison cell for another Russian Trickbot developer

December 1, 2023 at 10:15AM

Vladimir Dunaev, a Russian national and developer of Trickbot malware, pleaded guilty in the US and faces up to 35 years in prison for creating the software responsible for significant financial damage globally. Trickbot has caused tens of millions in losses since 2016, attacking hospitals, schools, and businesses. US and UK sanctions …

Russian-speaking threat actor “farnetwork” linked to 5 ransomware gangs

November 8, 2023 at 04:37AM

The Nokoyawa ransomware-as-a-service (RaaS) operator, ‘farnetwork’, was involved in malware development and operation management for various affiliate programs. A cybersecurity company, Group-IB, reported on the actor’s activities and revealed its connections to ransomware operations since 2019. Although farnetwork has retired the Nokoyawa RaaS program, it is believed that the actor will rebrand and continue their …