As all initial-access threats go, SocGholish is among the trickiest. It often comes disguised as software updates, deceiving victims into downloading a malicious payload that could eventually lead to more lethal cyber attacks. In fact, researchers at ReliaQuest found evidence that an initial SocGholish malware distribution was intended to deploy ransomware. more
AutoIT-compiled malware and Dridex trace their roots to as far back as 2008 and 2014, respectively. As malware variants go, therefore, they've both had a long history and taken on various forms over time. But despite having been detected and consequently blocked with each new version, they're still alive and kicking -- a testament to their persistence. more
More sophisticated BazarCall campaigns have been circulating and delivering ransomware entry points to victims. While the bait still involves urgent notification emails about nonexistent purchases or subscriptions, the subsequent phase highlights the threat actors' manipulative skills. more
Eternity, also known as the "EternityTeam" or "Eternity Project," has been active since January 2022 and tied to the Jester Group. It gained infamy for using the as-a-service subscription model to distribute its own brand of malware modules via underground forums. more
BlackEnergy first appeared in 2007. Designed to launch distributed denial-of-service (DDoS) attacks or download customized spam or banking data-stealer plug-ins, it was again used to target the State Bar of Georgia last May more
Two cyber threats recently caught the attention of WhoisXML API researchers, primarily since parts of their infection chain hide behind legitimate services. This tactic is tricky for security teams because blocking the domains involved means blocking legitimate applications, too. more
Cyber attackers typically use newly registered domains (NRDs) in their campaigns to evade detection, particularly since the implementation of privacy protection in WHOIS records. But some also use aged domains like the SolarWinds hackers to render a sense of legitimacy to their pages. more
It is quite natural to get prompts from software manufacturers saying you need to update your installed apps every so often for better security or to fix bugs. But you should know, too, that threat actors often use program update notifications as malware distribution vehicles. more
The Internet has been abuzz with talks about Elon Musk buying Twitter since he made an initial offer of US$44 billion on 14 April 2022. The even bigger news? Twitter accepted the offer despite some employees' qualms about Musk's future plans for the company. more
We're supposed to spoil our mothers on Mothers' Day, but with various scams out there, you may end up losing money or with a malware-infected device. WhoisXML API researchers found more than a thousand digital properties that could be used in Mothers' Day scams. more
A World-Renowned Source for Internet Developments. Serving Since 2002.