Researchers unearth two previously unknown Linux backdoors

ESET researchers have identified multiple samples of two previously unknown Linux backdoors: WolfsBane and FireWood. The goal of the backdoors and tools discovered is cyberespionage that targets sensitive data such as system information, user credentia… Continue reading Researchers unearth two previously unknown Linux backdoors

Сrimeware and financial cyberthreats in 2025

Kaspersky’s GReAT looks back on the 2024 predictions about financial and crimeware threats, and explores potential cybercrime trends for 2025. Continue reading Сrimeware and financial cyberthreats in 2025

Aerospace employees targeted with malicious “dream job” offers

It’s not just North Korean hackers who reach out to targets via LinkedIn: since at least September 2023, Iranian threat actor TA455 has been trying to compromise workers in the aerospace industry by impersonating job recruiters on the popular emp… Continue reading Aerospace employees targeted with malicious “dream job” offers

QSC: A multi-plugin framework used by CloudComputating group in cyberespionage campaigns

Kaspersky shares details on QSC modular cyberespionage framework, which appears to be linked to CloudComputating group campaigns. Continue reading QSC: A multi-plugin framework used by CloudComputating group in cyberespionage campaigns

North Korean hackers employ new tactics to compromise crypto-related businesses

North Korean hackers are targeting crypto-related businesses with phishing emails and novel macOS-specific malware. The crypto-related phishing campaign Since July 2024, phishing emails seemingly containing helpful information on risks related to the r… Continue reading North Korean hackers employ new tactics to compromise crypto-related businesses

Beware of phishing emails delivering backdoored Linux VMs!

Unknown attackers are trying to trick Windows users into spinning up a custom Linux virtual machine (VM) with a pre-configured backdoor, Securonix researchers have discovered. The campaign The attack began with a phishing email, they believe, but they … Continue reading Beware of phishing emails delivering backdoored Linux VMs!

Beyond the Surface: the evolution and expansion of the SideWinder APT group

Kaspersky analyzes SideWinder APT’s recent activity: new targets in the MiddleEast and Africa, post-exploitation tools and techniques. Continue reading Beyond the Surface: the evolution and expansion of the SideWinder APT group