7 matches found
BinDiff 8
BinDiff is an open-source comparison tool for binary files to quickly find differences and similarities in disassembled code...
Researchers Uncover Cicada3301 Ransomware Operations and Its Affiliate Program
Cybersecurity researchers have gleaned additional insights into a nascent ransomware-as-a-service RaaS called Cicada3301 after successfully gaining access to the group's affiliate panel on the dark web. Singapore-headquartered Group-IB said it contacted the threat actor behind the Cicada3301...
New Golang-based 'Agenda Ransomware' Can Be Customized For Each Victim
A new ransomware strain written in Golang dubbed "Agenda" has been spotted in the wild, targeting healthcare and education entities in Indonesia, Saudi Arabia, South Africa, and Thailand. "Agenda can reboot systems in safe mode, attempts to stop many server-specific processes and services, and ha...
Pandora Ransomware Targets Multiple Plants around the Globe
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here Pandora ransomware is a new operation that targets business networks and obtains data for double-extortion assaults and active since March 2022. DENSO, a Japanese auto parts manufacturers plant in Germany, and Global Wafers...
SolarWinds Hack Potentially Linked to Turla APT
New details on the Sunburst backdoor used in the sprawling SolarWinds supply-chain attack potentially link it to previously known activity by the Turla advanced persistent threat APT group. Researchers at Kaspersky have uncovered several code similarities between Sunburst and the Kazuar backdoor...
Researchers Find BlackEnergy APT Links in ExPetr Code
Researchers have found links between the BlackEnergy APT group and threat actors behind the ExPetr malware used in last month’s global attacks. According to researchers at Kaspersky Lab, there are strong similarities between older versions of BlackEnergy’s KillDisk ransomware compared to ExPetr...
A Growing Number of Android Malware Families Believed to Have a Common Origin: A Study Based on Binary Code
Introduction On Feb. 19, IBM XForce researchers released an intelligence report 1 stating that the source code for GM Bot was leaked to a crimeware forum in December 2015. GM Bot is a sophisticated Android malware family that emerged in the Russian-speaking cybercrime underground in late 2014. IB...