Experts warn of malware campaigns delivering the BazarLoader malware abusing popular collaboration tools like Slack and BaseCamp. Since January, researchers observed malware campaigns delivering the BazarLoader malware abusing popular collaboration tools like Slack and BaseCamp. The campaigns aimed at employees of large organizations, the messages attempt

Uptycs’ threat research team recently detected several variants of the Linux-based botnet malware family, “Gafgyt,”some of them re-used Mirai code.  Uptycs’ threat research team recently detected several variants of the Linux-based botnet malware family, “Gafgyt”, via threat intelligence systems and our in-house osquery-based sandbox. Upon ana

FireEye published its M-Trend 2021 report based on the data collected during the investigation, 650 new threat groups were tracked in 2020 FireEye published its annual report, titled M-Trend 2021, which is based on the data collected during the investigation on security incidents it managed. Most of the incidents investigated by Mandiant (59%) in 2020 wer

More than 500,000 Huawei users have been infected with the Joker malware after downloading apps from the company’s official Android store. More than 500,000 Huawei users were infected with the Joker malware after they have downloaded tainted apps from the company’s official Android store. The fight to the Joker malware (aka Bread) begun in September 20

APKPure, one of the largest alternative app stores, was the victim of a supply chain attack, threat actors compromised client version 3.17.18 to deliver malware. Multiple security experts discovered threat actors tampered with the APKPure client version 3.17.18 of the popular alternative third-party Android app store. APKPure is available only on devi

Microsoft researchers spotted a malware campaign abusing contact forms on legitimate websites to deliver the IcedID malware. Security experts from Microsoft have uncovered a malware campaign abusing contact forms on legitimate websites to deliver the IcedID malware. Threat actors behind the operation are using contact forms published on websites to del

The FBI arrested a man for allegedly planning a bomb attack against Amazon Web Services (AWS) to kill about 70% of the internet. The FBI arrested Seth Aaron Pendley (28), from Texas, for allegedly planning to launch a bomb attack against Amazon Web Services (AWS) data center on Smith Switch Road in Ashburn, Virginia. The man was attempting to buy C-4 p

A threat actor has sold almost 900,000 gift cards and over 300,000 payment cards on a cybercrime forum on the dark web. A crook has sold 895,000 gift cards and over 300,000 payment cards, for a total of US$38 million, on a  top-tier Russian-language hacking forum on the dark web. The criminal actor was spotted offering a huge amount of cards in February

Group-IB, a global threat hunting and adversary-centric cyber intelligence company, discovered that user data of the Swarmshop card shop have been leaked online on March 17, 2021. The database was posted on a different underground forum and contained 12,344 records of the card shop admins, sellers and buyers including their nicknames,

A joint operation of Europol and the Italian Postal and Communication Police resulted in the arrest of an Italian national who hired a hitman on the dark web. Europol and the Italian Postal and Communication Police (Polizia Postale e delle Comunicazioni) arrested an Italian national as part of the “Operation Hitman” because he is suspected of

Attackers are actively exploiting the CVE-2018-13379 flaw in Fortinet VPN to deploy the Cring ransomware to organizations in the industrial sector. Threat actors are actively exploiting the CVE-2018-13379 vulnerability in Fortinet VPNs to deploy a new piece of ransomware, tracked as Cring ransomware (also known as Crypt3r, Vjiszy1lo, Ghost, Phantom), to o

Crooks increasingly often use legitimate services such as Google Forms and Telegram to obtain user data stolen on phishing websites. Group-IB, a global threat hunting and adversary-centric cyber intelligence company, has found that cybercriminals increasingly often use legitimate services such as Google Forms and Telegram to

A new supply chain attack made the headlines, threat actors compromised at least one update server of smartphone maker Gigaset to deliver malware. The German device maker Gigaset was the victim of supply chain attack, threat actors compromised at least one server of the company to deliver malware. Gigaset AG, formerly known as Siemens Home and Office

A malware attack against vehicle inspection services provider Applus Technologies paralyzed preventing vehicle inspections in eight US states. Applus Technologies is a worldwide leader in the testing, inspection and certification sector, the company was recently hit by a malware cyberattack that impacted vehicle inspections in eight states, including Conn

More clients of Capital One have been impacted in the 2019 data breach, the US bank is notifying them of their SSNs exposure. US bank Capital One notified a number of additional customers that their Social Security numbers were exposed in the data breach that took place in July 2019. A hacker that was going online with the handle “erratic” breached the