November 2023

Rhysida, the new ransomware gang behind British Library cyber-attack

A new name was added to the cyber-rogues’ gallery of ransomware gangs this week after a criminal group called Rhysida claimed responsibility for an attack on the British Library. The library confirmed that personal data stolen in a cyber-attack last month has appeared for sale online. While the name behind the attack might be relatively […]

LummaC2 v4.0 Malware Stealing Data with Trigonometry to Detect Human Users

LummaC2 v4.0, an advanced malware, steals data and evades detection by employing trigonometry to distinguish human users from automated analysis tools. Security assessment platform provider Outpost24’s threat intelligence team KrakenLabs has uncovered a new technique that malware developers are using to evade detection in sandbox environments. This technique involves using trigonometry to analyze cursor movements

Popular Dragon Touch Tablet for Kids Infected with Corejava Malware

The Dragon Touch KidzPad Y88X 10 tablet on Amazon, analyzed by EFF researchers, also comes with preinstalled riskware and an outdated parental control app called KIDOZ. Retailers like Amazon have played a significant role in popularizing low-cost Android devices for children. However, based on research conducted by the Electronic Frontier Foundation (EFF) on such devices,

Personal data stolen in British Library cyber-attack appears for sale online

The British Library has confirmed that personal data stolen in a cyber-attack has appeared online, apparently for sale to the highest bidder. The attack was carried out in October by a group known for such criminal activity, said the UK’s national library, which holds about 14m books and millions of other items. This week, Rhysida,

Russian Cyber Espionage Group Deploys LitterDrifter USB Worm in Targeted Attacks

Russian cyber espionage actors affiliated with the Federal Security Service (FSB) have been observed using a USB propagating worm called LitterDrifter in attacks targeting Ukrainian entities. Check Point, which detailed Gamaredon’s (aka Aqua Blizzard, Iron Tilden, Primitive Bear, Shuckworm, and Winterflounder) latest tactics, branded the group as engaging in large-scale campaigns that are followed by

New Agent Tesla Malware Variant Using ZPAQ Compression in Email Attacks

A new variant of the Agent Tesla malware has been observed delivered via a lure file with the ZPAQ compression format to harvest data from several email clients and nearly 40 web browsers. “ZPAQ is a file compression format that offers a better compression ratio and journaling function compared to widely used formats like ZIP

Malicious Apps Disguised as Banks and Government Agencies Targeting Indian Android Users

Android smartphone users in India are the target of a new malware campaign that employs social engineering lures to install fraudulent apps that are capable of harvesting sensitive data. “Using social media platforms like WhatsApp and Telegram, attackers are sending messages designed to lure users into installing a malicious app on their mobile device by

North Korean Hackers Pose as Job Recruiters and Seekers in Malware Campaigns

North Korean threat actors have been linked to two campaigns in which they masquerade as both job recruiters and seekers to distribute malware and obtain unauthorized employment with organizations based in the U.S. and other parts of the world. The activity clusters have been codenamed Contagious Interview and Wagemole, respectively, by Palo Alto Networks Unit

LockBit Ransomware Exploiting Critical Citrix Bleed Vulnerability to Break In

Multiple threat actors, including LockBit ransomware affiliates, are actively exploiting a recently disclosed critical security flaw in Citrix NetScaler application delivery control (ADC) and Gateway appliances to obtain initial access to target environments. The joint advisory comes from the U.S. Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), Multi-State Information Sharing and

Beware: Malicious Google Ads Trick WinSCP Users into Installing Malware

Threat actors are leveraging manipulated search results and bogus Google ads that trick users who are looking to download legitimate software such as WinSCP into installing malware instead. Cybersecurity company Securonix is tracking the ongoing activity under the name SEO#LURKER. “The malicious advertisement directs the user to a compromised WordPress website gameeweb[.]com, which redirects
