Kuse Web App Abused to Host Phishing Document

Bad actors took advantage of the legitimate name and services of Kuse, a popular AI-based app designed for workplaces. The attackers exploited the users’ trust in Kuse to carry out a phishing attack...

APT-C-60 Hackers Exploit StatCounter and Bitbucket in SpyGlace Malware Campaign

The threat actor known as APT-C-60 has been linked to a cyber attack targeting an unnamed organization in Japan that used a job application-themed lure to deliver the SpyGlace backdoor. That's according to findings from JPCERT/CC, which said the intrusion leveraged legitimate services like Google...

The internet is already scary enough without April Fool’s jokes

I feel like over the past several years, the "holiday" that is April Fools Day has really died down. At this point, there are few headlines you can write that would be more ridiculous than something youd find on a news site any day of the week. And there are so many more serious issues that are...

Iranian hacking group uses compromised email accounts to distribute MSP remote access tool

Researchers have uncovered a new campaign by hacking group MuddyWater, aka Static Kitten, in which a legitimate remote access tool is sent to targets from a compromised email account. The targets in this campaign are reportedly in Armenia, Azerbaijan, Egypt, Iraq, Israel, Jordan, Oman, Qatar,...

The Ping is the Thing: Popular HTML5 Feature Used to Trick Chinese Mobile Users into Joining Latest DDoS Attack

DDoS attacks have always been a major threat to network infrastructure and web applications. Attackers are always creating new ways to exploit legitimate services for malicious purposes, forcing us to constantly research DDoS attacks in our CDN to build advanced mitigations. We recently...

RogueRobin Malware Uses Google Drive as C2 Channel

A custom malware used by the APT known as DarkHydrus uses a mix of novel techniques, including using Google Drive as an alternate command-and-control C2 channel. According to Palo Alto’s Unit 42 intelligence division, the targeted attack involved spear-phishing emails written in Arabic sent to...

Dynamic Network Analysis Tool: FakeNet-NG

Dynamic Network Analysis Tool FakeNet-NG is a next generation dynamic network analysis tool for malware analysts and penetration testers. It is open source and designed for the latest versions of Windows. FakeNet-NG is based on the excellent Fakenet tool developed by Andrew Honig and Michael...

FAKEM RAT Mimics Normal Network Traffic

A family of remote access Trojans RATs known as FAKEM has been evading detection for more than three years by camouflaging themselves as legitimate network traffic. Nate Villeneuve, a senior threat researcher at Trend Micro, said that remote access Trojans are a favorite among attackers seeking t...

Siberia Exploit Kit Offers Service to Evade Anti-Malware Software

Attackers have been using legitimate online services such as VirusTotal and others to check their new pieces of malware against various security suites for some time now, but that’s become less and less effective recently. Now, the creators of some exploit kits are beginning to include less...