LummaC2 Malware's Advanced Anti-Sandbox Techniques
LummaC2, a notorious malware-as-a-service (MaaS), has developed sophisticated evasion techniques to circumvent security measures and exfiltrate sensitive data from compromised systems. The…
Evidence-led cyber threat intelligence for defenders. Incident reports, actor profiles and vulnerability analysis — written for the people who have to act on it.
LummaC2, a notorious malware-as-a-service (MaaS), has developed sophisticated evasion techniques to circumvent security measures and exfiltrate sensitive data from compromised systems. The…
The NetSupport RAT has emerged as a significant cyber threat, exploiting legitimate remote administration tools for malicious purposes. This report provides an in-depth analysis of recent…
Recent academic research has uncovered a significant vulnerability in Secure Shell (SSH) servers, a widely used protocol for secure communication in tasks like remote system access, file…
APT29, a Russian hacker group, has strategically employed the CVE-2023-38831 vulnerability in WinRAR in a series of cyberattacks targeting embassies. Known for its various aliases, including Cozy…
Morgan Stanley, a renowned multinational investment bank and financial services company, has been fined $6.5 million due to insecure disposal of hardware containing unencrypted personal…
The LockBit ransomware group has emerged as a formidable cyber threat, targeting large corporations and disrupting global operations. This blog post delves into the recent activities of LockBit,…
LockBit ransomware group has restructured its negotiation methods, addressing declining ransom payments. The lack of standard negotiation protocols previously led to varied results, with many…
The British Museum, a renowned cultural institution in the UK, suffered a significant cyberattack in late October 2023. The attack resulted in a major IT outage, disrupting essential services.…
Boeing, a renowned aerospace company, recently fell victim to a cybersecurity incident perpetrated by the LOCKBIT ransomware group. The attack, which came to light in late October 2023, is a vivid…
In recent months, Citrix systems have faced significant cybersecurity challenges. The discovery of critical vulnerabilities, notably CVE-2023-4966 (Citrix Bleed) and CVE-2023-4967, has put…
The Industrial and Commercial Bank of China (ICBC), the world’s largest commercial bank, experienced a ransomware attack on its U.S. arm, ICBC Financial Services (FS). This incident, occurring on…
Since February 2023, APT35, a notorious Iranian-backed threat actor, has been intensifying its cyber operations with a series of global password spray attacks. These attacks represent a strategic…