RomCom Malware Resurfaces With SnipBot Variant

September 24, 2024 at 08:10AM The RomCom malware, now in its SnipBot variant, has resurfaced, leveraging code-signing certificates for stealth. The cyberespionage threat targets victims through phishing emails, with malicious PDF files or executables. Its evolving obfuscation methods and post-exploitation activities highlight the need for advanced security measures to counter this ongoing threat. The meeting … Read more

Worldwide Agenda Ransomware Wave Targets VMware ESXi Servers

March 26, 2024 at 05:22PM A new and improved variant of the group’s malware is causing chaos in virtual environments by combining fileless infection, BYOVD, and other advanced techniques. Based on the meeting notes, it seems that a new, enhanced version of the group’s malware has been developed. This variant combines fileless infection, BYOVD, and … Read more

‘RomCom’ Cyber Campaign Targets Women Political Leaders

October 16, 2023 at 02:44PM The Women Political Leaders Summit 2023 conference attendees were targeted by a cyber espionage campaign through a spoofed event website loaded with a malware called ROMCOM 4.0. The campaign focused on individuals promoting gender equality in the European Union. The cybercriminal group behind the attack, Void Rabisu, has evolved from … Read more