LodaRAT: Established Malware, New Victim Patterns

Threat Actors: Unknown, potentially a wide range of actors using LodaRAT, as the source code is…

EyeSpy – Iranian Spyware Delivered in VPN Installers

Threat Actors: Cybercriminals using Trojanized VPN installers to deliver the SecondEye spyware, developed in Iran.
Campaign Overview: A…

Unmasking the SYS01 Infostealer Threat: Bitdefender Labs Tracks Global Malvertising Campaign Targeting Meta Business Pages

Threat Actors: Cybercriminals behind the SYS01 InfoStealer malvertising campaign.
Campaign Overview: A growing malvertising campaign using Meta’s advertising…

Encrypted Symphony: Infiltrating the Cicada3301 Ransomware-as-a-Service Group

Group Overview: Cicada3301 Ransomware group, discovered in June 2024, operates as a Ransomware-as-a-Service (RaaS) targeting organizations…

Tracing the Path of VietCredCare and DuckTail: Vietnamese dark market of infostealers’ data

Threat Actors: VietCredCare and DuckTail operators (believed to be Vietnamese).
Campaign Overview: Two distinct malware families, VietCredCare and…

Stealthy Attributes of APT Lazarus: Evading Detection with Extended Attributes

Threat Actors: APT Lazarus
Campaign Overview: New technique for code smuggling using custom extended attributes (EAs) in macOS…

Embargo Ransomware: Rock’n’Rust

Threat Actors: Embargo ransomware group (Rust-based ransomware).
Campaign Overview: Active since June 2024; targets US companies; uses MDeployer…

RomCom exploits Firefox and Windows zero days in the wild

Vulnerability Identified: CVE-2024-9680: A use-after-free bug in the animation timeline feature in Firefox, Thunderbird, and Tor…

Bootkitty: Analyzing the first UEFI bootkit for Linux

Threat Actors: Bootkitty creators (unknown); proof-of-concept UEFI bootkit targeting Linux
Campaign Overview: First UEFI bootkit targeting Linux systems,…

Threat Hunting Case Study: Uncovering Turla

Threat Actors: Turla (FSB's Center 16), Russia's state-sponsored cyber espionage group
Campaign Overview: Focused on cyber espionage, targeting…