FrostyGoop: A New Threat to Industrial Control Systems

FrostyGoop: A New Threat to Industrial Control Systems

In January, a devastating cyber attack targeted an energy company in Lviv, Ukraine, marking the first known use of a new malware specifically designed to harm Industrial Control Systems (ICS). The industrial cybersecurity firm Dragos has identified this malware as FrostyGoop. Discovered in April…


0 Comments4 Minutes

Play Ransomware Hits Linux with New Variant

Play Ransomware Hits Linux with New Variant

Security experts have discovered a fresh Linux version of the Play ransomware (also known as Balloonfly or PlayCrypt) that specifically targets VMware ESXi systems. You might be interested in: Risks of AI Training on Your Data Expanding Attack Surface “This development indicates that the…


0 Comments6 Minutes

HotPage Malware Exploits Kernel Driver on Windows Systems

HotPage Malware Exploits Kernel Driver on Windows Systems

Cybersecurity experts have identified a deceptive advertising module that, under the guise of blocking adverts and harmful websites, secretly installs a kernel driver component. This allows attackers to execute arbitrary code with elevated privileges on Windows systems. You might be interested in:…


0 Comments5 Minutes

MacOS Users Face New Threat from BeaverTail Malware

MacOS Users Face New Threat from BeaverTail Malware

Cybersecurity researchers have uncovered an enhanced version of the BeaverTail malware, previously used by attackers linked to the Democratic People’s Republic of Korea (DPRK) in cyber espionage campaigns targeting job seekers. You might be interested in: Poco RAT Phishing Scam Hits Spanish…


0 Comments5 Minutes

The Konfety Ad Fraud Operation

The Konfety Ad Fraud Operation

Details have emerged regarding a “massive ad fraud operation” that uses hundreds of apps from the Google Play Store to carry out a variety of illegal actions. You might be interested in: Managed Detection and Response (MDR): What is it? The Konfety Campaign Explained The campaign has…


0 Comments6 Minutes

Python Repositories at Risk After GitHub Token Leak

Python Repositories at Risk After GitHub Token Leak

Cybersecurity researchers have discovered an accidentally leaked GitHub token that could have granted elevated access to the GitHub repositories of the Python language, Python Package Index (PyPI), and the Python Software Foundation (PSF). JFrog, the firm that identified the GitHub Personal Access…


0 Comments4 Minutes

Poco RAT Phishing Scam Hits Spanish Speakers

Since at least February 2024, Spanish-language victims have been the target of an email phishing campaign delivering a new remote access trojan (RAT) known as Poco RAT. According to cybersecurity company Cofense, the attacks are mostly targeting the mining, manufacturing, hospitality, and utility…


0 Comments5 Minutes

New Ransomware Targets Veeam Backup Software

A recently patched security issue in Veeam Backup & Replication software is being exploited by EstateRansomware, a new ransomware operation. The Singapore-based Group-IB, which uncovered the threat actor in early April 2024, stated that the modus operandi involves the use of CVE-2023-27532…


0 Comments5 Minutes

Cybersecurity Alert: APT40’s Rapid Exploits

A collaborative advisory has been issued by cybersecurity agencies from Australia, Canada, Germany, Japan, New Zealand, South Korea, the U.K., and the U.S. regarding the cyber espionage group known as APT40, which has ties to China. The advisory warns about APT40’s ability to quickly exploit…


0 Comments5 Minutes

Eldorado Ransomware Attacks Windows and Linux

Eldorado, a burgeoning ransomware-as-a-service (RaaS) organization, offers locker variations for encrypting files on Windows and Linux systems. Eldorado initially emerged on March 16, 2024, when an affiliate program advertisement was placed on the ransomware site RAMP, according to Group-IB,…


0 Comments5 Minutes