Threat Intelligence |
Sponsored by |
|
For roughly US$100, threat actors can purchase RedLine Stealer, a malware-as-a-service (MaaS) program first detected in March 2020 that continues to wreak havoc to this day. The malware can steal information from infected devices, including autocomplete and saved information on browsers. more
WithSecure recently unveiled a malicious campaign dubbed "Ducktail," which trailed its sights on Facebook business owners and advertisers. Believed to be run by Vietnamese operators, Ducktail uses malware to steal data from victims and hijack vulnerable Facebook business properties. more
Stealth is a typical goal for most threat actors when launching malware and other attacks. The better hidden a malware is, the more effective an attack becomes. And that is what fast-rising data stealer Aurora is gaining notoriety for. more
DEV -- 0569, a threat actor Microsoft has been monitoring, was recently observed deploying Royal ransomware via pages posing as legitimate software download sites and repositories, among other stealthy tactics. He has so far used fake download sites for Adobe Flash Player, AnyDesk, Zoom, and TeamViewer in phishing emails and domains. more
WhoisXML API's IP intelligence now includes Regulatory Compliance IP Data Feeds available as separate IP geolocation and IP netblocks files. These data feeds are filtered to only provide the IP geolocation and ownership data of IP addresses from sanctioned or restricted locations as specified by different regulatory authorities. more
In the realm of cybersecurity, seizing domains unfortunately doesn't always mean the end for the threats they pose. Such could be the case for the 18 domains U.S. law enforcement agents recently took offline for their ties to a money mule recruitment operation reported by Bleeping Computer. more
SecurityScorecard published a report on a cyber attack that a U.S. county victim announced on 11 September 2022. With ransomware attacks against local government units increasing in the past few years, WhoisXML API researchers decided to build on the list of IP addresses related to the attacks. more
Zimperium zLabs threat researchers recently reported the case of the Cloud9 Chrome Botnet, and rightly so. Many of us seem to forget just how much information cybercriminals can steal from our browsers. more
The Pakistan-India rivalry has been going on for some time now, not just in sports events but also online in the form of cyber attacks. Zscaler ThreatLabz has been monitoring a result of this ongoing friction -- Transparent Tribe, also known as "APT -- 36" -- since the start of this year. more
The threat actor dubbed "RomCom," known for deploying spoofed versions of popular software, has been quite busy these past few months. In the past, he was seen imitating Advanced IP Scanner and PDF Filler. More recently, though, he's been targeting Ukraine, the U.K., and other English-speaking countries by spoofing SolarWinds, KeePass, PDF Reader Pro, and Veeam. more
A World-Renowned Source for Internet Developments. Serving Since 2002.
