Threat researcher Dancho Danchev recently uncovered 130 domains that seemingly belong to fake cryptocurrency sellers. The WhoisXML API research team sought to find potential connections to the threat by expanding …
Author: CircleID
A new advanced persistent threat (APT) group dubbed “Unfading Sea Haze” has been training its sights on various organizations based in countries surrounding the South China Sea. As it turns …
Check Point Research reported a Foxit PDF Reader vulnerability that threat actors have begun exploiting, putting the application’s users at risk. When exploited, the bug triggers security warnings that may …
Cybercriminals can launch distributed denial-of-service (DDoS) attacks with relative ease these days by using DDoS booter services, online services that automate the DDoS attack process.
WhoisXML API threat researcher Dancho …
Intel-Ops researchers recently discovered that the 8Base Ransomware Group has been using Phobos ransomware to infect their targets’ networks. 8Base has reportedly been active since mid-2023.
The Phobos operators have …
A decade-old advanced persistent threat (APT) group called “Stately Taurus,” also known as “Mustang Panda” and “Earth Preta,” was recently observed targeting Association of Southeast Asian Nations (ASEAN) countries in …
More than 30.6 billion records have been exposed in 2024 so far based on 8,839 publicly disclosed incidents. Intensifying cybersecurity efforts has thus become more critical than ever for organizations …
Bleeping Computer recently reported that a phishing-as-a-service (PhaaS) available in cybercriminal forums dubbed “Typhoon 2FA” has the ability to compromise Microsoft 365 and Google accounts even if users have two-factor …
The 2024 U.S. tax season is well underway, and as usual, scams of all kinds targeting taxpayers and causing the Internal Revenue Service (IRS) problems have cropped up. One such …
A new info-stealing malware called “TimbreStealer” is in town. Cisco Talos detected its distribution through a phishing campaign targeting Mexico. The threat actors used finance-themed phishing emails to lure victims …
After analyzing 21+ million newly registered domains (NRDs) added from 1 January to 31 March 2024, our researchers found that the new domain registration volume declined by about 32% from …
Threat actors have been abusing App Installer, a Windows 10 feature that makes installing applications more convenient. The abuse could lead to ransomware distribution and was likely carried out by …
macOS has been gaining the unwanted attention of more and more backdoor operators since late 2023.
In February 2024, Bitdefender uncovered RustDoor, which was written in Rust and possibly has …
Group-IB uncovered ResumeLooters, a threat actor group specializing in victimizing job hunters to steal their personally identifiable information (PII). Along with their in-depth threat analysis, they identified 15 indicators of …
In the past two decades, at least 41 advanced persistent threat (APT) groups have launched attacks on entities and organizations based in North America.
In a recent analysis, the WhoisXML …
The Citizen Lab recently uncovered an ongoing online propaganda campaign they have dubbed “PAPERWALL” that has been targeting local news outlets across 30 countries in Europe, Asia, and Latin America.…
VexTrio, a traffic distribution system (TDS) provider believed to be an affiliate of ClearFake and SocGholish, among other threat actors, has been active since 2017. While many security researchers have …
Among the latest to suffer from zero-day exploitation is Ivanti, a software company providing endpoint management and remote access solutions to various organizations, including U.S. federal agencies. High-impact zero-day vulnerabilities …
Law enforcement agencies shut down xDedic, a cybercrime-as-a-service (CaaS) marketplace specifically providing web servers to cybercriminals, back in 2019. However, WhoisXML API threat researcher Dancho Danchev posits that parts of …
New kids on the cybercrime block, pig butchering scams, have been making waves lately, and it is not hard to see why. Scammers have been earning tons from them by being able …