In a significant move to disrupt global cybercrime infrastructure, the United States Department of Justice (DoJ) has seized four internet domains that were aiding cybercriminals through crypting services. These domains were integral to malicious operations, offering crypting services that enabled threat actors to disguise malware from cybersecurity tools. The coordinated …
Ransomware Groups in Chaos After 300 Servers Seized Globally
Law enforcement agencies worldwide have delivered a devastating blow to cybercriminal organizations. Europol coordinated a massive international operation targeting ransomware networks across multiple continents. The operation resulted in the seizure of 300 servers and €3.5 million in cryptocurrency. The Scale of the Operation: This coordinated strike represents one of the …
MarsSnake Malware: APT31’s Covert Infiltration of Saudi Networks
A new cyber-espionage campaign has been uncovered. It involves Chinese state-sponsored hackers. These attackers used a backdoor named “MarsSnake.” The campaign targeted a major organization in Saudi Arabia. It lasted for several years. This attack shows the growing sophistication of state-backed hacking operations. Discovery and Attribution: Cybersecurity researchers discovered the …
Skitnet: The New Stealth Weapon Powering Ransomware Gangs
In recent cybersecurity developments, a new malware strain named “Skitnet” has emerged as a potent weapon in the arsenal of modern ransomware gangs. Unlike traditional ransomware that primarily focuses on encrypting files and demanding payment for decryption, Skitnet is a stealthy and multifaceted remote access trojan (RAT). It enables cybercriminals …
Backdoor Alert: Fake WordPress Plugin Grants Admin Access
In the vast and ever-evolving landscape of cybersecurity threats, WordPress has remained a constant target due to its widespread use and open-source nature. While the platform offers flexibility and a robust plugin ecosystem, it also presents significant opportunities for exploitation. Recently, a new threat emerged in the form of a …
Windows Defender Bypassed Using Microsoft’s WinDbg
A recent cyberattack revealed a new method used by hackers. They bypassed Windows Defender policies using WinDbg Preview. This app, developed by Microsoft, is available on the Microsoft Store. It’s mainly a debugging tool. But attackers repurposed it to launch stealthy attacks. This breach shows how even trusted software can …
Supply Chain Attack: PyPI Malware Steals Sensitive Info
What Happened? In a startling revelation, cybersecurity researchers have discovered a series of malicious Python packages uploaded to PyPI (Python Package Index), the official repository for Python libraries. These packages were downloaded more than 39,000 times, spreading stealth malware to unsuspecting developers around the globe. This campaign is part of …
FIN7 Exploits SharePoint to Deploy Anubis Backdoor
Cybercriminal groups are constantly evolving their tactics to breach enterprise networks, and FIN7 is no exception. The notorious hacking group, known for its financially motivated cyberattacks, has recently been observed deploying the Anubis backdoor to hijack Windows systems. This latest campaign involves exploiting compromised Microsoft SharePoint sites to distribute malicious …
Fileless Cryptojacking Campaign Exploits 1k+ PostgreSQL Servers
A recent large-scale cyberattack has compromised over 1,500 PostgreSQL servers in a sophisticated fileless cryptocurrency mining campaign. The attackers exploit weak security configurations to deploy cryptojacking malware, which hijacks computing resources to mine cryptocurrencies without the knowledge or consent of the server owners. This incident underscores the growing threat to …
Earth Alux: China-Linked APT Uses VARGEIT & COBEACON
Recent cybersecurity investigations have revealed a series of highly sophisticated cyber intrusions attributed to a threat actor group known as “Earth Alux.” This group, believed to be linked to China, has been engaging in prolonged and stealthy cyber-espionage operations, targeting organizations worldwide. Their use of advanced malware tools—VARGEIT and COBEACON—demonstrates …