Cybersecurity

Eternity’s LilithBot, Soon Available to Regular Internet Users?

Eternity, also known as the "EternityTeam" or "Eternity Project," has been active since January 2022 and tied to the Jester Group. It gained infamy for using the as-a-service subscription model to distribute its own brand of malware modules via underground forums.

A Closer Look at Active Cyber Jihad Web Properties

Cyber jihad loosely refers to Islamic extremist terrorists' use of the Internet as a communications, fundraising, recruitment, training, and planning tool in their war against their enemies. Some of their most commonly cited enemies include the U.S., Western European countries, secular Arab governments, and Israel.

Alleviating BlackEnergy-Enabled DDoS Attacks

BlackEnergy first appeared in 2007. Designed to launch distributed denial-of-service (DDoS) attacks or download customized spam or banking data-stealer plug-ins, it was again used to target the State Bar of Georgia last May

Insights Into an Active Spam Domain Portfolio

Malicious spam, possibly the oldest kind of cyber threat, likely remains one of enterprises' biggest security concerns. Regardless of form and affected device, clicking a malicious link embedded in a spam email or downloading a malware-laden attachment can lead to financial, data, or identity theft.

Where Domain Security Meets the Supply Chain Crunch

New research from CSC indicates that fraudsters took advantage of the 2022 supply chain shortages to target consumers with fake websites.

Should Cracks and Keygens Remain a Cybersecurity Concern?

Cracks and keygens have long been a problem for software vendors in that they allow users to install their products without needing to pay for a legitimate license. As the Internet and website development advanced and became more accessible, the number of sites offering software cracking tools grew.

The Inner Workings of the Russian Business Network

The Russian Business Network (RBN) claimed to be a legitimate Internet service provider (ISP) back in 2006. Shortly after establishing its business, however, it gained notoriety for hosting the sites owned by spammers, malware operators, distributed denial-of-service (DDoS) attackers, and other cybercriminals.

Probing an Active Digital Trail of Iranian Hackers

WhoisXML API threat researcher Dancho Danchev obtained a publicly accessible list of email addresses known to be owned and used by Iranian hackers. The email addresses led us to more than 4,400 domain names, any of which can be weaponized and used in phishing, credential theft, and other forms of cyber attacks.

Who Could Be Behind the Latest GitHub-Hosted Malware Infrastructure?

GitHub is a popular code repository used by almost all software developers. Anyone can access it to share their code with practically anyone interested. Unfortunately, not every GitHub user is trustworthy. It has, in fact, been used to host malware at least a couple of times.

Should We Consider the Maze Ransomware Extinct?

The Maze Ransomware Group is one of the most notorious threat actor groups targeting large enterprises, such as Cognizant, Xerox, and Canon, and stealing massive amounts of sensitive data. Some of their ransomware distribution methods include spamming, phishing, and brute forcing.