Bumblebee Malware Loader Resurfaces Following Law Enforcement Takedown

October 22, 2024 at 06:22AM The Bumblebee malware loader may be reemerging after a law enforcement operation in May 2024. This malicious campaign highlights the potential revival of this threat. The information is reported by SecurityWeek.

**Meeting Takeaways:**

1. **Resurgence of Bumblebee Malware Loader**: There is a new malicious campaign indicating that the Bumblebee malware …

Bumblebee malware returns after recent law enforcement disruption

October 21, 2024 at 11:49AM Bumblebee malware has resurfaced more than four months after being disrupted by Europol’s ‘Operation Endgame.’ This malware, created by TrickBot developers, infects systems through phishing and promotes fake software. Recent attacks involve malicious ZIP files leading to stealthy installations. Researchers warn of its potential resurgence in cyber threats.

### Meeting …

Blind Eagle Hackers Exploit Spear-Phishing to Deploy RATs in Latin America

August 20, 2024 at 02:22AM Cybersecurity researchers have reported ongoing attacks by Blind Eagle, an adaptable threat actor targeting entities and individuals in Latin American nations. The group employs spear-phishing tactics, geographical redirection, and process injection techniques to distribute trojans like AsyncRAT and NjRAT, enabling cyber espionage and financial credential theft campaigns. Kaspersky warns of …

Cybercriminals Exploit Free Software Lures to Deploy Hijack Loader and Vidar Stealer

June 18, 2024 at 10:00AM Threat actors are distributing malicious software through free/pirated commercial software. Hijack Loader masquerades as a Cisco Webex Meetings ptService module, stealthily introducing Vidar Stealer. The attack uses DLL side-loading and PowerShell scripts, while other actors employ social engineering tactics to deliver malware like Lumma Stealer and SolarMarker. This underscores the …

Pakistani Hacking Team ‘Celestial Force’ Spies on Indian Gov’t, Defense

June 13, 2024 at 06:08AM A new report from Cisco Talos details a group called “Cosmic Leopard,” operating as “Operation Celestial Force,” which has been conducting cyber espionage against Indian government and defense entities for at least six years. The group’s tactics include using malware like GravityRAT and HeavyLift to target individuals and organizations. Preventative …

Hijack Loader Malware Employs Process Hollowing, UAC Bypass in Latest Version

May 8, 2024 at 07:06AM A newer version of malware loader Hijack Loader, also known as IDAT Loader, has been updated with anti-analysis techniques, making it more stealthy and effective at evading detection. It now incorporates modules to bypass security measures and deliver various malware families. This includes the decryption and parsing of a PNG …

Bumblebee malware attacks are back after 4-month break

February 13, 2024 at 10:47AM The Bumblebee malware, previously attributed to cybercrime syndicates Conti and Trickbot, has resurfaced in phishing campaigns targeting organizations in the U.S. The recent campaign uses fake voicemail notifications and malicious documents with VBA macros to introduce the Bumblebee DLL into victims’ systems. This marks a departure from previous distribution methods …

New Malvertising Campaign Distributing PikaBot Disguised as Popular Software

December 19, 2023 at 06:33AM The PikaBot malware loader, previously distributed through malspam campaigns, has now been linked to malvertising targeting users seeking software like AnyDesk. It operates as a backdoor, enabling unauthorized remote access and delivery of other malicious tools. PikaBot is employed by threat actors, including TA577, using sophisticated techniques to evade detection …