Advanced persistent threat (APT) groups will employ any means necessary to compromise the networks of their intended targets. And for Cosmic Leopard, that means using GravityRAT, an Android-based malware, and HeavyLift, a Windows-based malware loader, in their most recent operation Cisco Talos has dubbed "Operation Celestial Force." more
Our research team analyzed more than 21.5 million domains registered between 1 April and 30 June 2024, as seen in the Newly Registered Domains (NRDs) Data Feed. more
Keonne Rodriguez and William Lonergan Hill, founders of Samourai Wallet, a cryptocurrency mixing service, were sentenced in April 2024 and their sites taken down for executing more than US$2 billion in unlawful transactions and laundering more than US$100 million in criminal proceeds. more
Phishing is and remains a top threat. Google alone blocks around 100 million phishing emails daily, and it doesn't help that phishers get extra help from phishing kits -- ready-made cybercrime tools that allow even cybercriminal newbies to launch attacks following a few simple steps. more
Threat researcher Dancho Danchev recently uncovered 130 domains that seemingly belong to fake cryptocurrency sellers. The WhoisXML API research team sought to find potential connections to the threat by expanding the current list of indicators of compromise (IoCs) using our vast array of DNS intelligence sources. more
A new advanced persistent threat (APT) group dubbed "Unfading Sea Haze" has been trailing its sights on various organizations based in countries surrounding the South China Sea. more
Check Point Research reported a Foxit PDF Reader vulnerability that threat actors have begun exploiting, putting the application's users at risk. When exploited, the bug triggers security warnings that may deceive unsuspecting users into executing harmful commands. more
Cybercriminals can launch distributed denial-of-service (DDoS) attacks with relative ease these days by using DDoS booter services, online services that automate the DDoS attack process. more
Intel-Ops researchers recently discovered that the 8Base Ransomware Group has been using Phobos ransomware to infect their targets' networks. 8Base has reportedly been active since mid-2023. more
A decade-old advanced persistent threat (APT) group called "Stately Taurus," also known as "Mustang Panda" and "Earth Preta," was recently observed targeting Association of Southeast Asian Nations (ASEAN) countries in cyberespionage activities. Specifically, Palo Alto Networks observed two malware packages that may have been used to target Japan, Myanmar, the Philippines, and Singapore. more
A World-Renowned Source for Internet Developments. Serving Since 2002.