July 31, 2024 at 09:45AM A malware campaign, DEV#POPPER, is targeting software developers across Windows, Linux, and macOS systems. Linked to North Korea, the threat actors use social engineering to trick victims into divulging information or downloading malicious software. The campaign uses obfuscated JavaScript and Python backdoors, along with enhanced obfuscation and remote monitoring to … Read more
February 1, 2024 at 03:56PM A Russian advanced persistent threat (APT) group, believed to be related to Shuckworm, has initiated a targeted PowerShell attack campaign against the Ukrainian military using a newly discovered backdoor, STEADY#URSA. The attackers employ various evasion and obfuscation techniques, and their approach involves distributing malicious payloads through phishing emails and USB … Read more
January 9, 2024 at 01:57PM Financially motivated Turkish hackers are targeting Microsoft SQL servers worldwide, encrypting victims’ files using Mimic ransomware. Tracked as RE#TURGENCE, the attacks have hit targets in the EU, US, and Latin America. The hackers compromise insecure MSSQL servers using brute force attacks, then deploy ransomware payloads and execute other malicious activities. … Read more
January 9, 2024 at 11:24AM A new report from cybersecurity firm Securonix warns that financially motivated threat actors based in Turkey have been targeting Microsoft SQL Server databases with ransomware attacks. The campaign, primarily aimed at organizations in the US, Europe, and Latin America, involves various malicious activities including brute-forcing credentials, executing shell commands, and … Read more
November 30, 2023 at 09:31AM Securonix and Wiz have partnered to offer a comprehensive security solution across cloud and on-premises environments. Their integrated system combines Wiz’s cloud analysis with Securonix’s threat detection to improve enterprises’ risk visibility and threat response. The goal is to enhance security teams’ abilities to detect threats and understand their impact … Read more