Posted inVulnerabilities
From Cybersecurity Help – UAC-0219 targets Ukraine’s government agencies with WRECKSTEEL stealer
This activity has been ongoing since at least the fall of 2024. Read More
Posted inNews
From Dark Reading – CoffeeLoader Malware Is Stacked With Viscous Evasion Tricks
Next-level malware represents a new era of malicious code developed specifically to get around modern security software like digital forensics tools and EDR, new research warns. Read More
.webp)
Posted inNews
From Cyber Security News – DarkCloud – An Advanced Stealer Malware Selling Via Telegram To Steal Data From Windows
DarkCloud is a sophisticated stealer malware that emerged in 2022, quickly positioning itself as one of the most prevalent threats in its category. This Windows-targeting malware has evolved significantly to…
.webp)
Posted inNews
From Cyber Security News – New Sophisticated Malware CoffeeLoader Bypasses Endpoint Security to Deploy Rhadamanthys Shellcode
Cybersecurity researchers have uncovered a sophisticated new malware strain targeting macOS systems, dubbed “CoffeeLoader,” which employs advanced techniques to bypass endpoint security solutions and deliver Rhadamanthys shellcode payloads. The malware…
Posted inNews
From The Hacker News – Hackers Repurpose RansomHub’s EDRKillShifter in Medusa, BianLian, and Play Attacks
A new analysis has uncovered connections between affiliates of RansomHub and other ransomware groups like Medusa, BianLian, and Play.
The connection stems from the use of a custom tool that's designed to disable endpoint detection and response (EDR) software on compromised hosts, according to ESET. The EDR killing tool, dubbed EDRKillShifter, was first documented as used by RansomHub actors in
.webp)
Posted inNews
From Cyber Security News – CAPE from Cuckoo v1 – Malware Sandbox to Execute Malicious Files in An Isolated Environment
In the ever-evolving landscape of cyber threats, security professionals need robust tools to analyze malicious software safely. CAPE (Config And Payload Extraction) has emerged as a powerful malware sandbox derived…
.webp)
Posted inNews
From Cyber Security News – New Malware Attacking Android Users Abusing Cross-Platform Framework For Evasion
Cybercriminals have developed sophisticated malware campaigns targeting Android users by exploiting .NET MAUI, a cross-platform development framework, to evade traditional security measures. These threats disguise themselves as legitimate banking and…
Posted inVulnerabilities
From Cybersecurity Help – New North Korea-linked Android spyware KoSpy targets Korean and English-speaking users
KoSpy is distributed through fake utility applications, which masquerade as helpful tools. Read More
.webp)
Posted inNews
From Cyber Security News – Detecting Cyber Attack Patterns by Analyzing Threats Actors Infrastructure
The identification of cyber attack patterns through infrastructure analysis has emerged as a crucial methodology in modern threat intelligence. By examining the digital footprints left by threat actors, security analysts…
Posted inNews
From Cyber Security News – Android App With 220,000+ Downloads From Google Play Installs Banking Trojan
A sophisticated Android banking trojan campaign leveraging a malicious file manager application accumulated over 220,000 downloads on the Google Play Store before its removal. Dubbed Anatsa (also known as TeaBot),…
.webp)
Posted inNews
From Cyber Security News – Hackers Attacking 4000+ ISPs With New Malware for Remote Access
Researchers from Splunk have identified a sophisticated malware campaign targeting over 4,000 Internet Service Providers (ISPs) primarily located on the West Coast of the United States and in China. The…
Posted inVulnerabilities
From Cybersecurity Help – Hackers attack UAE aviation sector in highly targeted email-based campaign
The primary goal of the attack was to deliver Sosano, a custom backdoor written in Go. Read More
Posted inNews
From The Hacker News – The New Ransomware Groups Shaking Up 2025
In 2024, global ransomware attacks hit 5,414, an 11% increase from 2023.
After a slow start, attacks spiked in Q2 and surged in Q4, with 1,827 incidents (33% of the year's total). Law enforcement actions against major groups like LockBit caused fragmentation, leading to more competition and a rise in smaller gangs. The number of active ransomware groups jumped 40%, from 68 in 2023 to 95
Posted inNews
From Cyber Security News – BlackBastaGPT – A ChatGPT Powered Tool to Uncover Ransomware Group Tactics
A new AI-powered chatbot, BlackBastaGPT, trained on over 1 million leaked internal messages from the Black Basta ransomware gang. Hudson Rock released the tool just days after the unprecedented data…
Posted inNews
From Security Week – How China Pinned University Cyberattacks on NSA Hackers
[[{"value":"A researcher dives into Chinese reports attributing cyberattacks on Northwestern Polytechnical University to the NSA’s TAO division. The post How China Pinned University Cyberattacks on NSA Hackers appeared first on…