A week in security (January 3 – 9)

Last week on Malwarebytes Labs: Ransomware attacks Finalsite, renders 8,000 school sites unreachable for days Patchwork APT caught in its own web Sophisticated phishing scheme spent years robbing authors of their unpublished work Google and Facebook fined $240 million for making cookies hard to...

BADNEWS! Patchwork APT Hackers Score Own Goal in Recent Malware Attacks

Threat hunters have shed light on the tactics, techniques, and procedures embraced by an Indian-origin hacking group called Patchwork as part of a renewed campaign that commenced in late November 2021, targeting Pakistani government entities and individuals with a research focus on molecular...

Patchwork APT caught in its own web

Patchwork is an Indian threat actor that has been active since December 2015 and usually targets Pakistan via spear phishing attacks. In its most recent campaign from late November to early December 2021, Patchwork has used malicious RTF files to drop a variant of the BADNEWS Ragnatela Remote...