The effects of law enforcement takedowns on the ransomware landscape
While the results of law enforcement action against ransomware-as-a-service operators Alphv/BlackCat and LockBit are yet to be fully realized, the August 2023 disruption of …
FritzFrog botnet exploits Log4Shell, PwnKit vulnerabilities
The FritzFrog cryptomining botnet has new potential for growth: a recently analyzed variant of the bot is exploiting the Log4Shell (CVE-2021-44228) and PwnKit (CVE-2021-4034) …
FBI disrupts Chinese botnet used for targeting US critical infrastructure
The FBI has disrupted the KV botnet, used by People’s Republic of China (PRC) state-sponsored hackers (aka “Volt Typhoon”) to target US-based critical …
Qakbot returns in fresh assault on hospitality sector
The Qakbot botnet has been disrupted this summer, but cybercriminals are not ready to give up on the malware: Microsoft’s threat analysts have spotted a new phishing …
The removal of Qakbot from infected computers is just the first step
The Qakbot botnet has been disrupted by an international law enforcement operation that culminated last weekend, when infected computers started getting untethered from it by …
Qakbot botnet disrupted, malware removed from 700,000+ victim computers
The Qakbot botnet has been crippled by the US Department of Justice (DOJ): 52 of its servers have been seized and the popular malware loader has been removed from over 700,000 …
Bogus OfficeNote app delivers XLoader macOS malware
A new macOS-specific variant of the well known XLoader malware is being delivered disguised as the “OfficeNote” app. “Multiple submissions of this sample …
Macs are getting compromised to act as proxy exit nodes
AdLoad, well-known malware that has been targeting systems running macOS for over half a decade, has been observed delivering a new payload that – unbeknown to the …
Zyxel firewalls under attack by Mirai-like botnet
CVE-2023-28771, the critical command injection vulnerability affecting many Zyxel firewalls, is being actively exploited by a Mirai-like botnet, and has been added to …
Business-grade routers compromised in low-key attack campaign
An unknown threat actor has discreetly compromised business-grade DrayTek routers in Europe, Latin and North America, equipping them with a remote access trojan (dubbed …
Cybercriminals exploit fear and urgency to trick consumers
Cybercriminals remained active in spying and information stealing, with lottery-themed adware campaigns used as a tactic to obtain people’s contact details, according to …
Multi-platform Chaos malware threatens to live up to its name
Chaos, new multipurpose malware written in the Go programming language, is spreading across the world. “We are seeing a complex malware that has quadrupled in size in just two …
Featured news
Sponsored
Don't miss
- CrushFTP zero-day exploited by attackers, upgrade immediately! (CVE-2024-4040)
- The rising influence of AI on the 2024 US election
- 10 colleges and universities shaping the future of cybersecurity education
- What is multi-factor authentication (MFA), and why is it important?
- MITRE breached by nation-state threat actor via Ivanti zero-days