DarkGate and Pikabot Copy the QakBot Malware

Recent behavior of DarkGate and PikaBot makes analysts think about them being a return of QakBot

According to researchers, the phishing campaign promoting the DarkGate and PikaBot malware is carried out by the authors or successors of the QBot Trojan (aka QakBot). Information security specialists believe that this is currently the most complex phishing campaign that has appeared since the liquidation of QBot. Is Pikabot A New QakBot? In its report,… Continue reading DarkGate and Pikabot Copy the QakBot Malware

Phobos Ransomware Mimics VX-Underground Researchers

Ransomware criminals from Phobos group released ransomware that masquerades as the development of VX-Underground community

A new version of Phobos ransomware claims to be developed by VX-Underground, a malware info sharing community. Hackers again disguise themselves as information security specialists, ruining their image. How funny or serious is this all? What is Phobos ransomware? Phobos ransomware emerged in 2018 as a ransomware-as-a-service (RaaS), an offshoot of the Crysis ransomware family.… Continue reading Phobos Ransomware Mimics VX-Underground Researchers

Reptar Vulnerability Threatens Intel Processors

Intel discovered a new vulnerabiltiy in their processors, that may allow hackers to escalate privileges

Intel has fixed a serious Reptar vulnerability in various processors for desktops, servers, mobile devices and embedded systems. This has also proven to be a problem for the latest Alder Lake, Raptor Lake, and Sapphire Rapids microarchitectures. The Reptar vulnerability can be used to escalate privileges, gain access to sensitive information, and cause denial of… Continue reading Reptar Vulnerability Threatens Intel Processors

Malicious CPU-Z Copy Is Spread In Google Search Ads

Attackers are again abusing the Google Ads platform to distribute malicious advertising and Redline information stealer. This time, the ads advertised a trojanized version of the CPU-Z tool. CPU-Z Malware in the WindowsReport Page Clone Recently, a wave of malicious ads on Google Search results page offered users a Trojan-infected version of the popular CPU-Z… Continue reading Malicious CPU-Z Copy Is Spread In Google Search Ads

North Korean Hackers Force US, Japan & South Korea Consultations

Countries join forces to counter attacks by North Korean hackers

Increased activity by North Korean state hackers forced South Korea, the United States and Japan to create a special advisory group to coordinate cybersecurity efforts. The idea of consolidating efforts, apparently, was discussed back in August, at the international summit at Camp David. The decision was made last week following negotiations in Washington between Anne… Continue reading North Korean Hackers Force US, Japan & South Korea Consultations

Conti Members Are Back in Action as Part of Akira Ransomware

Hackers from the extinct Conti ransomware gang now allegedly work for Akira extortion group

Experts are intestigating activity of the ransomware group Akira, which has compromised at least 63 organizations since March 2023, mostly targeting small and medium-sized businesses. Analysts at Arctic Wolf believe that Akira may be backed by several people associated with the ceased Conti group. Conti Hackers Work in Akira Ransomware Group As mentioned above, Akira… Continue reading Conti Members Are Back in Action as Part of Akira Ransomware

Google Is Working on an Information Security Project Called Web Integrity API

A team of four Google engineers is working on a new project called the Web Environment Integrity API, which will allow sites to block client applications that change their code. In addition to the obvious security benefits, the new API will actually allow Google and site operators to effectively deal with ad blockers. As you… Continue reading Google Is Working on an Information Security Project Called Web Integrity API

Google Creates a Red Team to Attack AI Systems

Google says it is creating a red team that will specialize in “sophisticated technical attacks on AI systems.” Among examples of such attacks, the company’s report lists prompt engineering, extracting information from LLM training data, and so on. In its report, Google highlights the importance of the AI red team, and also lists the different… Continue reading Google Creates a Red Team to Attack AI Systems

Trojan HotRat Is Distributed through Pirated Versions of Software and Games

Avast experts have warned that a new variant of AsyncRAT malware, called HotRat, is distributed through pirated versions of popular programs and utilities. This includes games, Microsoft Office, and audio and image editing software. That is not the only malware activated via an unusual spreading channel. We recently covered the IcedID and Gozi trojans spreading… Continue reading Trojan HotRat Is Distributed through Pirated Versions of Software and Games

Vulnerability in WordPress Plugin WooCommerce Payments Is Actively Used to Hack Sites

Hackers use a vulnerability in the widely used WooCommerce Payments WordPress plugin to gain privileges of any user, including administrator, on vulnerable sites. WooCommerce Payments is a popular WordPress plugin that allows websites to accept credit cards as a payment method in WooCommerce stores. According to official statistics, the plugin has over 600,000 active installations.… Continue reading Vulnerability in WordPress Plugin WooCommerce Payments Is Actively Used to Hack Sites