Remote access trojans (RATs) can be considered the malware of choice by the world's most notorious advanced persistent threat (APT) groups. And there's a good reason for that. They are hard to detect, making them ideal for lateral movement, and also difficult to get rid of.
Threat actors can often find targeting certain organizations too much of a challenge. So they need to go through what we can consider back channels -- suppliers, vendors, or service providers.
While the usage of internationalized domain names (IDNs) has allowed organizations the world over to enter the global market using their native-language domain names, it can also enable cyber attackers to craft look-alikes of legitimate domains they wish to spoof.
The ReasonLabs Research Team uncovered a new widespread polymorphic malware campaign that forcefully installed extensions on users' systems.
Satori recently published a report on a massive fraud campaign they have dubbed "Konfety" (Russian word for "candy"). Sounds sweet, right?
As if the attention surrounding the upcoming U.S. presidential elections is not enough, the WhoisXML API research team may have unveiled thousands of potential sources of disarray -- election-related cybersquatting domains. These domains may be a lucrative source of income for some people. Case in point?
Fortinet recently discovered a Meduza Stealer variant that has been taking advantage of the Microsoft Windows SmartScreen vulnerability CVE-2024-21412. The Meduza stealer lets remote attackers bypass the SmartScreen security warning dialog to deliver malicious files.
The WhoisXML API research team analyzed more than 7.3 million domains registered between 1 and 31 July 2024 in this post to identify five of the most popular registrars, top-level domain (TLD) extensions, and other global domain registration trends.
Domain Name System Security Extensions (DNSSEC) are security protocol extensions for the Domain Name System (DNS), designed to ensure the integrity and authenticity of DNS data.
Cyber espionage is not uncommon and often occurs between rivals. And though the cyber attackers' tactics and techniques remain the same, their tools do not.