Logic Bomb Detonated at Eaton

Davis Lu, a 55-year-old software developer from Texas, has been convicted of planting a logic bomb to intentionally damage the computer systems of his former employer, the multinational Eaton. Lu, who worked at Eaton from 2007 to 2019, could face up to 10 years in prison. Background Lu worked as a software developer at Eaton, which … Continued

XCSSET Malware Targeting Xcode Projects

The latest version of the XCSSET malware targets Xcode projects and can evade traditional security methods. Its primary goal is to steal sensitive user data and system information and exfiltrate it to remote servers controlled by the threat actors. Background XCSSET, a sophisticated malware strain first discovered in 2020, has become more dangerous. XCSSET now employs complex obfuscation methods such … Continued

DCRat Backdoor’s Comeback

Over the last few months there has been a surge in the distribution of a backdoor known as "DCRat" within the gaming community. The backdoor is offered to cybercriminals under a Malware-as-a-Service (MaaS) model, and its operators also help buyers set up the infrastructure for hosting the C2 servers. Background This backdoor is from … Continued

Are Belsen Group and ZeroSeven Group the Same?

A recent investigative report has uncovered a connection between the Belsen Group and the ZeroSeven Group, both of which have links to Yemen. The Belsen Group drew attention for leaking Fortinet data and selling network access. Belsen Group The Belsen Group first appeared on cybercrime forums in early January 2025 under the alias Belsen_Group. Their initial activity … Continued

Colombian Government System is under Cyber Siege

Since November of last year, the Colombian judicial system has faced regular cyberattacks orchestrated by the threat actor Blind Eagle (APT-C-36). So far the campaign has compromised more than 1,600 systems and exposed serious weaknesses within critical infrastructure. Who is Blind Eagle Blind Eagle (APT-C-36) is a cyber threat actor active since 2018, primarily targeting government institutions … Continued

Spreading a Crypto Miner by Blackmailing YouTubers

A recent investigation has uncovered a sophisticated malware campaign distributing SilentCryptominer, a cryptocurrency-mining malware, by blackmailing YouTubers. Attackers coerce YouTubers into promoting malicious links disguised as legitimate software, leading to widespread, unsuspecting installations among viewers. Modus Operandi It begins with cybercriminals filing false complaints against … Continued

APT Targeting Nuclear Reactors

SideWinder, a notorious advanced persistent threat (APT) group, has recently upgraded its arsenal and widened its attack scope, with a new focus on nuclear reactors and maritime logistics companies. The group is highly active in Southeast Asia, and its primary targets are military and government agencies in Pakistan, China, Sri Lanka, and Nepal. Now … Continued

Phishing Alert: Deepfake Videos Target YouTube Creators

Threat actors are exploiting AI-generated deepfake videos of YouTube CEO Neal Mohan to trick content creators into leaking their credentials. These fraudulent videos, shared privately, falsely announce changes to YouTube's monetization policies. Creators who interact with them are directed to phishing sites designed to steal their credentials. … Continued

U.S. Shuts Down Garantex Crypto Exchange Linked to Ransomware Gangs

The U.S. Secret Service has seized the domain of Garantex, a Russian cryptocurrency exchange known for working with ransomware gangs. The operation, coordinated with international law enforcement agencies including Europol, the Dutch police, and Germany's BKA, is part of a broader effort to target illicit crypto activity linked to cybercrime. Background Garantex has been facilitating ransomware … Continued

U.S. Charges Chinese Nationals For Espionage Campaign

The DOJ has unsealed multiple indictments against 12 Chinese nationals, including two officers of the Ministry of Public Security (MPS) and employees of the Chinese cybersecurity firm i-Soon. The investigation was carried out by the FBI, NSCS, State Department, and Treasury Department. Why it Matters The indictment highlights the role of private contractors and freelance … Continued
