Lazarus APT conceals malicious code within BMP image to drop its RAT

The North Korean APT uses a clever technique to bypass security products by embedding one of its payloads as a BMP image.

Aurora campaign: Attacking Azerbaijan using multiple RATs

We identified a new Python-based RAT targeting Azerbaijan from the same threat actor we profiled a month ago.

New steganography attack targets Azerbaijan

A lure document targeting Azerbaijan uses steganography to conceal a remote administration Trojan.

A week in security (January 4 – January 10)

A roundup of cybersecurity news from January 4 – January 10, including a ransomware attack, a new Bitcoin sextortion scam, VPN usage, and more.

Phishers spoof reliable cybersecurity training company to garner clicks

In a recent campaign, phishers were seen taking advantage of users' trust in KnowBe4 and stealing their work email credentials.

New LNK attack tied to Higaisa APT discovered

We describe a new spearphishing campaign tied to the potential North Korean Higaisa APT group.

New Mac variant of Lazarus Dacls RAT distributed via Trojanized 2FA app

The Lazarus group improves their toolset with a new RAT specifically designed for the Mac.

Fake “Corona Antivirus” distributes BlackNET remote administration tool

Beware of fraudulent antivirus products taking advantage of the COVID-19 crisis.

APT36 jumps on the coronavirus bandwagon, delivers Crimson RAT

We look at a spear phishing attack from APT36, an Advanced Persistent Threat group posing as the government of India and offering guidance on coronavirus. Instead, users are infected with a Crimson RAT that steals data.

A week in security (January 20 – 26)

A roundup of the previous week’s most notable security stories and events, including tech support scams, deepfakes, and the latest ransomware attack in Florida.
