October 17, 2024 at 12:18PM The Russian threat actor RomCom is linked to recent cyber attacks on Ukrainian government agencies and Polish entities, utilizing a variant of the RomCom RAT called SingleCamper. Targeting espionage, the group employs various malware tools, often starting with spear-phishing tactics, to establish long-term network access and exfiltrate data. Here are … Read more
September 24, 2024 at 08:10AM The RomCom malware, now in its SnipBot variant, has resurfaced, leveraging code-signing certificates for stealth. The cyberespionage threat targets victims through phishing emails, with malicious PDF files or executables. Its evolving obfuscation methods and post-exploitation activities highlight the need for advanced security measures to counter this ongoing threat. The meeting … Read more
October 13, 2023 at 03:59AM Void Rabisu, a threat actor associated with financially motivated ransomware attacks, has shifted its focus to targeted campaigns on Ukraine and countries supporting Ukraine. They have developed a new variant called ROMCOM, which they used in campaigns targeting EU military personnel and political leaders working on gender equality initiatives. The … Read more