Author Archives: Ravie Lakshmanan

Companies based in the U.S. have been at the receiving end of an “aggressive” Qakbot malware campaign that leads to Black Basta ransomware infections on compromised networks.
“In this latest campaign, the Black Basta ransomware gang is using QakBot ma… Continue reading Black Basta Ransomware Gang Actively Infiltrating U.S. Companies with Qakbot Malware→

As many as 34 Russian-speaking gangs distributing information-stealing malware under the stealer-as-a-service model stole no fewer than 50 million passwords in the first seven months of 2022.
“The underground market value of stolen logs and compromise… Continue reading 34 Russian Cybercrime Groups Stole Over 50 Million Passwords with Stealer Malware→

The operators of the Ducktail information stealer have demonstrated a “relentless willingness to persist” and continued to update their malware as part of an ongoing financially driven campaign.
“The malware is designed to steal browser cookies and ta… Continue reading Ducktail Malware Operation Evolves with New Malicious Capabilities→

Microsoft on Tuesday disclosed the intrusion activity aimed at Indian power grid entities earlier this year likely involved the exploitation of security flaws in a now-discontinued web server called Boa.
The tech behemoth’s cybersecurity division said… Continue reading Hackers Exploiting Abandoned Boa Web Servers to Target Critical Industries→

Meta Platforms on Tuesday said it took down a network of accounts and pages across Facebook and Instagram that were operated by people associated with the U.S. military to spread narratives that depicted the country in a favorable light in the Middle … Continue reading Meta Takes Down Fake Facebook and Instagram Accounts Linked to Pro-U.S. Influence Operation→

A nascent and legitimate penetration testing framework known as Nighthawk is likely to gain threat actors’ attention for its Cobalt Strike-like capabilities.
Enterprise security firm Proofpoint said it detected the use of the software in mid-September… Continue reading Nighthawk Likely to Become Hackers’ New Post-Exploitation Tool After Cobalt Strike→

A malicious extension for Chromium-based web browsers has been observed to be distributed via a long-standing Windows information stealer called ViperSoftX.
Czech-based cybersecurity company dubbed the rogue browser add-on VenomSoftX owing to its stan… Continue reading This Malware Installs Malicious Browser Extensions to Steal Users’ Passwords and Cryptos→

A nascent Go-based malware known as Aurora Stealer is being increasingly deployed as part of campaigns designed to steal sensitive information from compromised hosts.
“These infection chains leveraged phishing pages impersonating download pages of leg… Continue reading Researchers Warn of Cyber Criminals Using Go-based Aurora Stealer Malware→

The Luna Moth campaign has extorted hundreds of thousands of dollars from several victims in the legal and retail sectors.
The attacks are notable for employing a technique called callback phishing or telephone-oriented attack delivery (TOAD), wherein… Continue reading Luna Moth Gang Invests in Call Centers to Target Businesses with Callback Phishing Campaigns→

The U.S. Justice Department (DoJ) on Monday announced the takedown of seven domain names in connection to a “pig butchering” cryptocurrency scam. The fraudulent scheme, which operated from May to August 2022, netted the actors over $10 million from fi… Continue reading U.S. Authorities Seize Domains Used in ‘Pig butchering’ Cryptocurrency Scams→