Earlier this month, ReversingLabs published a report on the current state of software supply chain security. They stated that the volume of such attacks using npm and PyPI code have increased by a combined 289% in the past four years. The research also cited two npm attacks as evidence -- IconBurst and Material Tailwind. more
For roughly US$100, threat actors can purchase RedLine Stealer, a malware-as-a-service (MaaS) program first detected in March 2020 that continues to wreak havoc to this day. The malware can steal information from infected devices, including autocomplete and saved information on browsers. more
WithSecure recently unveiled a malicious campaign dubbed "Ducktail," which trailed its sights on Facebook business owners and advertisers. Believed to be run by Vietnamese operators, Ducktail uses malware to steal data from victims and hijack vulnerable Facebook business properties. more
DEV -- 0569, a threat actor Microsoft has been monitoring, was recently observed deploying Royal ransomware via pages posing as legitimate software download sites and repositories, among other stealthy tactics. He has so far used fake download sites for Adobe Flash Player, AnyDesk, Zoom, and TeamViewer in phishing emails and domains. more
In the realm of cybersecurity, seizing domains unfortunately doesn't always mean the end for the threats they pose. Such could be the case for the 18 domains U.S. law enforcement agents recently took offline for their ties to a money mule recruitment operation reported by Bleeping Computer. more
SecurityScorecard published a report on a cyber attack that a U.S. county victim announced on 11 September 2022. With ransomware attacks against local government units increasing in the past few years, WhoisXML API researchers decided to build on the list of IP addresses related to the attacks. more
Zimperium zLabs threat researchers recently reported the case of the Cloud9 Chrome Botnet, and rightly so. Many of us seem to forget just how much information cybercriminals can steal from our browsers. more
The Pakistan-India rivalry has been going on for some time now, not just in sports events but also online in the form of cyber attacks. Zscaler ThreatLabz has been monitoring a result of this ongoing friction -- Transparent Tribe, also known as "APT -- 36" -- since the start of this year. more
The threat actor dubbed "RomCom," known for deploying spoofed versions of popular software, has been quite busy these past few months. In the past, he was seen imitating Advanced IP Scanner and PDF Filler. More recently, though, he's been targeting Ukraine, the U.K., and other English-speaking countries by spoofing SolarWinds, KeePass, PDF Reader Pro, and Veeam. more
You may be wondering who Robin Banks is, but you should instead ask what Robin Banks is. Robin Banks is a phishing-as-a-service (PhaaS) platform that first surfaced in March this year. The name is a play on the phrase "robbing banks," coined by IronNet researchers who introduced the malicious platform to the world. more
A World-Renowned Source for Internet Developments. Serving Since 2002.