Threat Actors Leveraging WebDAV Servers for Covert Operations Threat Actors (TAs) frequently utilize multistage attacks to increase the likelihood of successfully delivering malicious payload by evading detection from antivirus products and creating a complex and intricate attack structure that poses challenges for analysis. The TAs commonly employ LOLBin (Living Off the Land Binary) in
Sneaky XWorm Uses MultiStaged Attack Read More »
The Shift from RSS Feeds in Data Extortion ALPHV ransomware has gained attention recently due to its distinctive and unconventional methods deployed on its leak sites. Recently ALPHV ransomware released a Python crawler designed to synchronize their leak posts and attachments with any database. The crawler has a feature that ensures that only modified or
ALPHV Ransomware Data Leak Site Embraces API Integration Read More »
Cookie Stealer Leveraging Telegram for Data Exfiltration Microsoft’s Visual Studio is a highly popular Integrated Development Environment (IDE) that empowers developers to create diverse applications. However, the software’s widespread usage has attracted the attention of cybercriminals, leading them to craft nefarious schemes aimed at deceiving and victimizing unsuspecting users. In response to the continued popularity
Threat Actor Targeting Developers via Trojanized MS Visual Studio Read More »
Cyble Research and Intelligence Labs analyzes Threat Actors spreading Luca Stealer disguised as a beta version of Microsoft Crypto Wallet.
Fabricated Microsoft Crypto Wallet Phishing Site Spreads Infostealer Read More »
Cyble Research and Intelligence Labs analyzes Kanti, a new NIM-based ransomware targeting cryptocurrency users.
Kanti: A NIM-Based Ransomware Unleashed in the Wild Read More »
Cyble Research & Intelligence Labs analyzes a trojanized version of the TeamViewer application and how it distributes njRAT.
Trojanized Application Preying on TeamViewer Users Read More »
