Brand Protection

Sponsored
by

Noteworthy

Brand Protection / Industry Updates

Gauging How Big a Threat Gigabud RAT Is Through an IoC List Expansion Analysis

Targeting governments the world over in cyber attacks is not a novel concept. Doing that using mobile apps, however, is quite new as a tactic. And that's what Cyble researchers reported as Gigabud RAT's modus operandi - trailing its sights on citizens of Thailand, the Philippines, and Peru who use government-owned institutions' mobile apps. more

Catching Batloader Disguised as Legit Tools through Threat Vector Identification

Putting on a mask on malware has always worked to trick users into downloading them, and the threat actors behind Batloader banked on just that. Trend Micro researchers tracked and analyzed Batloader-related developments toward the end of 2022. more

Tracing Connections to Rogue Software Spread through Google Search Ads

Taking control of victims' accounts is typically the end goal of many cybercriminals, and they never cease to come up with wily ways to do so. Bleeping Computer researchers recently spotted hackers spreading malware mayhem through Google search ads supposedly pointing to open-source software download sites. more

Sifting for Digital Breadcrumbs Related to the Latest Zoom Attack

Threat actors have been targeting Zoom and its users since the platform's launch, and it's easy to see why -- the latest stats show it accounts for 3.3 trillion annual meeting minutes worldwide. It's not surprising, therefore, that cyber attackers trailed their sights yet again on the communication app. more

Cloud Atlas May Hide Their Tracks but 1,800+ Unpublicized Artifacts Can Help Orgs Tag Them

Cyber espionage group Cloud Atlas has been trailing its sights on critical infrastructure operators in countries suffering from political conflict since its discovery in 2014. Aptly nicknamed "Inception," the group's tactic of going after nations with bigger problems than cybersecurity seems to be working, as evidenced by successful intrusions over the years. more

Exposing Chat Apps Exploited for Supply Chain Attacks

As far back as September 2022, Trend Micro reported that threat actors began exploiting chat apps Comm100 and LiveHelp100 to launch supply chain attacks. In a bid to help potential targets curb the problem, they publicized nine indicators of compromise (IoCs), specifically command-and-control (C&C) server addresses. more

Supply Chain Security: A Closer Look at the IconBurst and Material Tailwind Attacks

Earlier this month, ReversingLabs published a report on the current state of software supply chain security. They stated that the volume of such attacks using npm and PyPI code have increased by a combined 289% in the past four years. The research also cited two npm attacks as evidence -- IconBurst and Material Tailwind. more

RedLine Stealer: IoC Analysis and Expansion

For roughly US$100, threat actors can purchase RedLine Stealer, a malware-as-a-service (MaaS) program first detected in March 2020 that continues to wreak havoc to this day. The malware can steal information from infected devices, including autocomplete and saved information on browsers. more

Own a Facebook Business? Beware of Ducktail

WithSecure recently unveiled a malicious campaign dubbed "Ducktail," which trailed its sights on Facebook business owners and advertisers. Believed to be run by Vietnamese operators, Ducktail uses malware to steal data from victims and hijack vulnerable Facebook business properties. more

Exposing the New Potential Ways Royal Ransomware Gets Delivered

DEV -- 0569, a threat actor Microsoft has been monitoring, was recently observed deploying Royal ransomware via pages posing as legitimate software download sites and repositories, among other stealthy tactics. He has so far used fake download sites for Adobe Flash Player, AnyDesk, Zoom, and TeamViewer in phishing emails and domains. more