Raspberry Robin Returns: New Malware Campaign Spreading Through WSF Files

April 10, 2024 at 09:45AM Cybersecurity researchers have detected a new Raspberry Robin campaign using malicious Windows Script Files to spread malware since March 2024. The campaign, historically spread through USB drives, has expanded to other initial infection methods, including social engineering and malvertising. The WSF files function as downloaders to retrieve the main DLL …

‘The Weirdest Trend in Cybersecurity’: Nation-States Returning to USBs

March 7, 2024 at 04:26PM Nation-state cyber threat groups are using USBs to infiltrate government and critical infrastructure. Check Point’s Maya Horowitz highlighted USBs as the primary infection vector for major threats, including China’s Camaro Dragon and Russia’s Gamaredon. Instances of USB attacks at a power company and a UK hospital underscore the danger. Organizations …

CISA warns of Microsoft Streaming bug exploited in malware attacks

March 1, 2024 at 02:22PM CISA has directed U.S. agencies to secure Windows systems against a critical vulnerability in Microsoft Streaming Service actively exploited in attacks. Tracked as CVE-2023-29360, the flaw allows local attackers to gain SYSTEM privileges without user interaction. Federal agencies must patch systems by March 21, as the bug has been exploited …

Raspberry Robin Jumps on 1-Day Bugs to Nest Deep in Windows Networks

February 12, 2024 at 05:21PM Summary: Raspberry Robin worm rapidly incorporates one-day exploits, enhancing privilege escalation capabilities. Check Point researchers suspect its developers contract with Dark Web exploit traffickers, allowing quick integration of new exploits, making it a prevalent initial access cyber threat. The worm’s popularity and effectiveness continue to grow, posing significant risks to …

Raspberry Robin malware evolves with early access to Windows exploits

February 10, 2024 at 10:17AM Recent versions of the Raspberry Robin malware use stealthy one-day exploits for vulnerabilities in software, before the fixes are widely deployed. The malware has evolved since its 2021 discovery and now employs new evasion and distribution methods. It has been observed targeting systems globally and using Discord for malicious file …

Raspberry Robin Malware Upgrades with Discord Spread and New Exploits

February 9, 2024 at 12:27PM The malware Raspberry Robin has evolved to utilize new one-day exploits for local privilege escalation, making it harder to detect and analyze. It serves as an initial access facilitator for other malicious payloads and has ties to various e-crime groups. The threat actors behind it purchase exploits from the dark …

Raspberry Robin devs are buying exploits for faster attacks

February 8, 2024 at 12:20PM Researchers suspect that the criminals behind the Raspberry Robin malware are now purchasing exploits to facilitate faster cyberattacks, prioritizing the speed of development to maximize their chances of successful attacks. The malware is known for its regular updates and has been recognized as a significant player in the world of …