Please turn on your JavaScript for this page to function normally.
lock
The effects of law enforcement takedowns on the ransomware landscape

While the results of law enforcement action against ransomware-as-a-service operators Alphv/BlackCat and LockBit are yet to be fully realized, the August 2023 disruption of …

botnet
FritzFrog botnet exploits Log4Shell, PwnKit vulnerabilities

The FritzFrog cryptomining botnet has new potential for growth: a recently analyzed variant of the bot is exploiting the Log4Shell (CVE-2021-44228) and PwnKit (CVE-2021-4034) …

botnet
FBI disrupts Chinese botnet used for targeting US critical infrastructure

The FBI has disrupted the KV botnet, used by People’s Republic of China (PRC) state-sponsored hackers (aka “Volt Typhoon”) to target US-based critical …

Qakbot
Qakbot returns in fresh assault on hospitality sector

The Qakbot botnet has been disrupted this summer, but cybercriminals are not ready to give up on the malware: Microsoft’s threat analysts have spotted a new phishing …

Qakbot
The removal of Qakbot from infected computers is just the first step

The Qakbot botnet has been disrupted by an international law enforcement operation that culminated last weekend, when infected computers started getting untethered from it by …

malware
Qakbot botnet disrupted, malware removed from 700,000+ victim computers

The Qakbot botnet has been crippled by the US Department of Justice (DOJ): 52 of its servers have been seized and the popular malware loader has been removed from over 700,000 …

Mac malware
Bogus OfficeNote app delivers XLoader macOS malware

A new macOS-specific variant of the well known XLoader malware is being delivered disguised as the “OfficeNote” app. “Multiple submissions of this sample …

Macs are getting compromised to act as proxy exit nodes

AdLoad, well-known malware that has been targeting systems running macOS for over half a decade, has been observed delivering a new payload that – unbeknown to the …

Zyxel
Zyxel firewalls under attack by Mirai-like botnet

CVE-2023-28771, the critical command injection vulnerability affecting many Zyxel firewalls, is being actively exploited by a Mirai-like botnet, and has been added to …

router
Business-grade routers compromised in low-key attack campaign

An unknown threat actor has discreetly compromised business-grade DrayTek routers in Europe, Latin and North America, equipping them with a remote access trojan (dubbed …

Hand
Cybercriminals exploit fear and urgency to trick consumers

Cybercriminals remained active in spying and information stealing, with lottery-themed adware campaigns used as a tactic to obtain people’s contact details, according to …

malware
Multi-platform Chaos malware threatens to live up to its name

Chaos, new multipurpose malware written in the Go programming language, is spreading across the world. “We are seeing a complex malware that has quadrupled in size in just two …

Don't miss

Cybersecurity news