Crimeware

SNS Sender Active Campaigns Unleash Messaging Spam Through The Cloud 3

SNS Sender | Active Campaigns Unleash Messaging Spam Through the Cloud

Threat actors leverage cloud services to conduct massive smishing campaign through AWS Simple Notification Service.

Read More
Exploring FBot Python Based Malware Targeting Cloud And Payment Services 6

Exploring FBot  | Python-Based Malware Targeting Cloud and Payment Services

FBot arms threat actors with a multi-function attack tool designed to hijack cloud, Saas and web services.

Read More
Cloudy With A Chance Of Credentials AWS Targeting Cred Stealer Expands To Azure GCP 9

Cloudy With a Chance of Credentials | AWS-Targeting Cred Stealer Expands to Azure, GCP

Cloud credentials stealing campaign expands to target Azure and Google Cloud via unpatched web app vulnerabilities.

Read More
Hypervisor Ransomware Multiple Threat Actor Groups Hop On Leaked Babuk Code To Build ESXi Lockers

Hypervisor Ransomware | Multiple Threat Actor Groups Hop on Leaked Babuk Code to Build ESXi Lockers

Availability of leaked Babuk source code is fuelling a proliferation of file lockers targeting VMware ESXi.

Read More
IceFire Ransomware Returns Now Targeting Linux Enterprise Networks 8

IceFire Ransomware Returns | Now Targeting Linux Enterprise Networks

New Linux version of the IceFire ransomware have been observed in recent network intrusions of media and entertainment enterprises.

Read More
Cl0p Ransomware Targets Linux Systems With Flawed Encryption Decryptor Available 9

Cl0p Ransomware Targets Linux Systems with Flawed Encryption | Decryptor Available

An in-the-wild ELF variant of Cl0p ransomware shows the gang is looking beyond traditional Windows targets.

Read More
MalVirt .NET Virtualization Thrives In New Malvertising Attacks 3

MalVirt | .NET Virtualization Thrives in Malvertising Attacks

.NET malware loaders distributed through malvertising are using obfuscated virtualization for anti-analysis and evasion in an ongoing campaign.

Read More
Custom Branded Ransomware The Vice Society Group And The Threat Of Outsourced Development 3

Custom-Branded Ransomware: The Vice Society Group and the Threat of Outsourced Development

New PolyVice ransomware is likely in use by multiple threat actors building re-branded payloads with the same custom encryption scheme.

Read More
SocGholish Diversifies And Expands Its Malware Staging Infrastructure To Counter Defenders 2

SocGholish Diversifies and Expands Its Malware Staging Infrastructure to Counter Defenders

SocGholish operators continue to infect websites at a massive scale, and the threat actor is ramping up its infrastructure to match.

Read More
Black Basta Feature

Black Basta Ransomware | Attacks Deploy Custom EDR Evasion Tools Tied to FIN7 Threat Actor

Black Basta operational TTPs are described here in full detail, revealing previously unknown tools and techniques and a link to FIN7.

Read More