
Cybersecurity News Everyday

Stay Ahead of Cyber Threats – Daily Security Insights, Powered by AI


Category: Threat Research


Aoqin Dragon | Newly-Discovered Chinese-linked APT Has Been Quietly Spying On Organizations For 10 Years

May 26, 2022 | October 17, 2025 | Securonix

Aoqin Dragon is a long-running Chinese-speaking APT tracked by SentinelLabs, active since 2013 and targeting government, education, and telecom organizations in Southeast Asia and Australia. The group uses document exploits, fake removable devices, DLL hijacki…


Cyble – Bumblebee Loader On The Rise

May 26, 2022 | October 14, 2025 | Securonix

Bumblebee is a sophisticated loader that replaces BazarLoader and delivers frameworks like Cobalt Strike, Shellcode, Sliver, and Meterpreter, while also dropping other malware such as ransomware. It is distributed via spear-phishing ISO downloads, employs exte…


Crypto stealing campaign spread via fake cracked software

May 26, 2022 | October 16, 2025 | Securonix

The FakeCrack campaign lures users with fake cracked software and delivers a crypto-stealing malware that collects browser data, crypto wallets, and other sensitive information. It relies on a broad delivery infrastructure, password-protected ZIP payloads, and…


Popping Eagle: How We Leveraged Global Analytics to Discover a Sophisticated Threat Actor

May 25, 2022 | October 15, 2025 | Securonix

Palo Alto Networks’ analytics uncovered a sophisticated threat operation centered on the Popping Eagle malware family, with a Go-based second stage (Going Eagle) used for control and lateral movement. The campaign abused DLL hijacking to load a proxy DLL, esta…


Tales From the Honeypot: WatchDog Evolves With a New Multi-Stage Cryptojacking Attack

May 25, 2022 | October 15, 2025 | Securonix

WatchDog has evolved a multi-stage cryptojacking campaign that targets exposed Docker Engine API endpoints and Redis servers, repurposing TeamTNT payloads while attempting to foil attribution. The attack uses timestomping, process hiding, and worm-like propaga…


Shining the Light on Black Basta

May 25, 2022 | October 14, 2025 | Securonix

Researchers document Black Basta’s observed TTPs during a recent incident response, detailing lateral movement, defense evasion, discovery, and encryption activities against Hyper-V environments and Veeam backups. The post also provides a technical breakdown o…


Cuba Ransomware Group’s New Variant Found Using Optimized Infection Techniques

May 25, 2022 | October 18, 2025 | Securonix

Trend Micro Research analyzed a resurgence of the Cuba ransomware group with a new variant that uses optimized infection techniques, including a new staging downloader. The update also expands safelists, adds victim support features, and implements double exto…


Operation (Karakoram) Tejas: The Withered, Gasping Elephant Holed Up in the Kunlun Mountains

May 25, 2022 | October 13, 2025 | Securonix

The report analyzes how the MangLingHua group (APT-Q-37) has updated its phishing and delivery techniques, including CHM attachments and DDE automation, to target defense contractors such as the Bangladesh Navy. It also covers related activity from APT-Q-41 (M…


Will the Real Msiexec Please Stand Up? Exploit Leads to Data Exfiltration

May 24, 2022 | October 15, 2025 | Securonix

Threat actors exploited CVE-2021-44077 to gain initial access to an internet-facing ManageEngine SupportCenter Plus instance, planted a web shell, and began days-long data exfiltration via web shell and RDP. The operation involved Plink-based SSH tunneling, LS…


From the Front Lines | Another Rebrand? Mindware and SFile Ransomware Technical Breakdown

May 24, 2022 | October 16, 2025 | Securonix

Mindware is a ransomware operation active since March 2022, likely a rebrand of SFile, with attacks across healthcare and other sectors. It leverages Reflective DLL Injection, encrypts targeted files, and uses a public leaks site to pressure victims, including…


Clipminer Botnet Makes Operators at Least $1.7 Million

May 24, 2022 | October 16, 2025 | Securonix

Broadcom Software has exposed Clipminer, a crypto-mining Trojan that also hijacks clipboard data to steal cryptocurrency, potentially earning operators at least $1.7 million. Symantec describes Trojan.Clipminer as bearing similarities to KryptoCibule and notes…


Threat Actors Prey on Eager Travelers | FortiGuard Labs

May 24, 2022 | October 14, 2025 | Securonix

Travel-themed lures are being used to push malware onto Windows users, delivering AsyncRAT, Netwire RAT, and Quasar RAT through disguised travel documents like itineraries and ISO files. FortiGuard Labs highlights manual execution of these payloads, domain-bas…


Closing the Door: DeadBolt Ransomware Locks Out Vendors With Multitiered Extortion Scheme

May 23, 2022 | October 13, 2025 | Securonix

DeadBolt ransomware targeted NAS devices (notably QNAP and ASUSTOR) with a multitiered extortion scheme that includes both victim and vendor payout options and a web-based ransom interface. The report highlights DeadBolt’s configuration-driven, automated appro…


YourCyanide: A CMD-Based Ransomware With Multiple Layers of Obfuscation

May 23, 2022 | October 15, 2025 | Securonix

Trend Micro’s Threat Hunting team analyzed a series of CMD-based ransomware variants, culminating in YourCyanide, a multi-stage malware that uses layered downloads and heavy obfuscation. The family evolves from GonnaCope through Kekpop and Kekware, employing D…


WinDealer dealing on the side

May 20, 2022 | October 14, 2025 | Securonix

LuoYu is a China-focused threat actor active since 2008, known for malware families SpyDealer, Demsty and WinDealer that target Windows, Linux, macOS and Android. A standout development is WinDealer’s man-on-the-side capability, delivered via several novel dis…
