Tracing the Path of VietCredCare and DuckTail: Vietnamese dark market of infostealers’ data

Threat Actors: VietCredCare and DuckTail operators (believed to be Vietnamese). Campaign Overview: Two distinct malware families, VietCredCare and…

Stealthy Attributes of APT Lazarus: Evading Detection with Extended Attributes

Threat Actors: APT Lazarus. Campaign Overview: New technique for code smuggling using custom extended attributes (EAs) in macOS…

Embargo Ransomware: Rock’n’Rust

Threat Actors: Embargo ransomware group (Rust-based ransomware). Campaign Overview: Active since June 2024; targets US companies; uses MDeployer…

RomCom exploits Firefox and Windows zero days in the wild

Vulnerability Identified: CVE-2024-9680: A use-after-free bug in the animation timeline feature in Firefox, Thunderbird, and Tor…

Bootkitty: Analyzing the first UEFI bootkit for Linux

Threat Actors: Bootkitty creators (unknown); proof-of-concept UEFI bootkit targeting Linux. Campaign Overview: First UEFI bootkit targeting Linux systems,…

Threat Hunting Case Study: Uncovering Turla

Threat Actors: Turla (FSB's Center 16), Russia's state-sponsored cyber espionage group. Campaign Overview: Focused on cyber espionage, targeting…

A Look at Trending Chinese APT Techniques

China's Global Ambitions: Military, technological, and economic powers driving its challenge to the global order, with…

OSINT Updates for November 28, 2024

https://twitter.com/fofabot/status/1862072003907440752 GitLab has released critical security updates for Community and Enterprise Editions, addressing multiple vulnerabilities,…

Mimic Ransomware: What You Need To Know

Threat Actor/Family: Mimic ransomware family (possibly linked to Conti ransomware). First Seen: 2022…

APT trends Report Q3 2024

Threat Actor/Family: Unknown, possibly linked to OceanLotus (APT32) but not conclusively attributed. Framework…