Cyberattack

Is Aurora as Stealthy as Its Operators Believe?

Stealth is a typical goal for most threat actors when launching malware and other attacks. The better hidden a malware is, the more effective an attack becomes. And that is what fast-rising data stealer Aurora is gaining notoriety for.

Australian Government Steps In

Like in many countries, Australia has been experiencing an increase in cybersecurity incidents. The Australian Cyber Security Centre (ACSC) received over 76,000 cybercrime reports during the 2021 -- 2022 financial year, an increase of nearly 13% from the previous year.

From Counties to Banks: Tracing the Footprint of Ransomware Attack IoCs

SecurityScorecard published a report on a cyber attack that a U.S. county victim announced on 11 September 2022. With ransomware attacks against local government units increasing in the past few years, WhoisXML API researchers decided to build on the list of IP addresses related to the attacks.

Beware That Software Update, It Could Be Magniber in Disguise

Did you know that a Magniber ransomware infection can cost you a ransom of as much as US$2,500? The operators' favored method of delivery? Fake Windows 10 updates, putting 80% of all Windows operating system (OS) users worldwide at risk. The campaign, believed to have begun in April this year, remains a threat. Are Windows 10 users the only ones at risk, though?

On the Frontlines of the Syrian Electronic Army’s Digital Arsenal

The Syrian Electronic Army (SEA) is a group of threat actors that have been around since 2011. Some of their possible victims are PayPal, eBay, Twitter, media outlets, and some U.S. government websites.

Tracing the Digital Footprint of Iran’s Mabna Hackers

In 2018, nine Mabna hackers were indicted by a U.S. grand jury for their involvement in different instances of cybercrime. Their victims included about 320 universities and over 50 private, government, and nongovernmental organizations in several countries.

Profiling the Massive Infrastructure Behind the Democratic National Committee Cyberintrusion

The Democratic National Committee (DNC) breach was a high-profile cyber attack in recent history. Years later, the cybersecurity community can still benefit from insights and actionable intelligence relevant to the attack. In line with this, WhoisXML API threat researcher Dancho Danchev dove deep into the DNS system intrusion using publicly available indicators of compromise (IoCs). We further enriched his findings, allowing us to uncover:

Is Monkeypox Following COVID-19’s (Digital) Footsteps?

The public attention COVID -- 19 got was truly reflected in the Domain Name System (DNS). And Monkeypox seems to be following the trail the pandemic blazed, though to a smaller extent, as threat actors seem to be using it as the latest phishing lure. How has this new virus been affecting domain registration?

Luxury Jewelry, Anyone? Watch Out for Fakes

Scammers and counterfeiters are always on the lookout for quick gains. And the more expensive the fake item, the bigger the possible gain. It’s no wonder then why they’re looking to mimic the world’s most popular luxury jewelers.

Koobface Makes a Comeback

The Koobface Gang gained notoriety from 2008 to the 2010s for spreading malware via Facebook and other social networks. Believe it or not, the gang amassed millions of dollars from their online scams while hiding in plain sight in St. Petersburg, Russia. After being publicly identified in 2012, the gang members shut down their operations.