Gamaredon’s LittleDrifter USB malware spreads beyond Ukraine
A recently discovered worm that researchers call LittleDrifter has been spreading over USB drives infecting systems in multiple countries as...
OSINT
VX-Underground malware collective framed by Phobos ransomware
A new Phobos ransomware variant frames the popular VX-Underground malware-sharing collective, indicating the group is behind attacks using the encryptor....
OMGPOP – 7,071,293 breached accounts
HIBP In approximately 2013, the maker of the Draw Something game OMGPOP suffered a data breach. Formerly known as i'minlikewithyou...
MemTracer – Memory Scaner
MemTracer is a tool that offers live memory analysis capabilities, allowing digital forensic practitioners to discover and investigate stealthy attack...
Randstorm Exploit: Bitcoin Wallets Created b/w 2011-2015 Vulnerable to Hacking
Bitcoin wallets created between 2011 and 2015 are susceptible to a new kind of exploit called Randstorm that makes it...
Product Walkthrough: Silverfort’s Unified Identity Protection Platform
In this article, we will provide a brief overview of Silverfort's platform, the first (and currently only) unified identity protection...
Why Defenders Should Embrace a Hacker Mindset
Today's security leaders must manage a constantly evolving attack surface and a dynamic threat environment due to interconnected devices, cloud...
DarkGate and PikaBot Malware Resurrect QakBot’s Tactics in New Phishing Attacks
Phishing campaigns delivering malware families such as DarkGate and PikaBot are following the same tactics previously used in attacks leveraging...
LummaC2 Malware Deploys New Trigonometry-Based Anti-Sandbox Technique
The stealer malware known as LummaC2 (aka Lumma Stealer) now features a new anti-sandbox technique that leverages the mathematical principle...
NetSupport RAT Infections on the Rise – Targeting Government and Business Sectors
Threat actors are targeting the education, government and business services sectors with a remote access trojan called NetSupport RAT. "The...
Indian Hack-for-Hire Group Targeted U.S., China, and More for Over 10 Years
An Indian hack-for-hire group targeted the U.S., China, Myanmar, Pakistan, Kuwait, and other countries as part of a wide-ranging espionage,...
Russian hackers use Ngrok feature and WinRAR exploit to attack embassies
After Sandworm and APT28 (known as Fancy Bear), another state-sponsored Russian hacker group, APT29, is leveraging the CVE-2023-38831 vulnerability in...
Researchers extract RSA keys from SSH server signing errors
A team of academic researchers from universities in California and Massachusetts demonstrated that it’s possible under certain conditions for passive network...
LightsOut – Generate An Obfuscated DLL That Will Disable AMSI And ETW
LightsOut will generate an obfuscated DLL that will disable AMSI & ETW while trying to evade AV. This is done...
Exploit for CrushFTP RCE chain released, patch now
A proof-of-concept exploit was publicly released for a critical remote code execution vulnerability in the CrushFTP enterprise suite, allowing unauthenticated...
FCC adopts new rules to protect consumers from SIM-swapping attacks
The Federal Communications Commission (FCC) has revealed new rules to shield consumers from criminals who hijack their phone numbers in...
Bread – BIOS Reverse Engineering And Advanced Debugging
BREAD (BIOS Reverse Engineering & Advanced Debugging) is an 'injectable' real-mode x86 debugger that can debug arbitrary real-mode code (on...
Medusa Locker Ransomware Victim: McCray & Withrow
Medusa Locker Logo NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
Medusa Locker Ransomware Victim: CENTRE D’AUTO P[.]R[.]N[.] SALABERRY IN
Medusa Locker Logo NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
8Base Group Deploying New Phobos Ransomware Variant via SmokeLoader
The threat actors behind the 8Base ransomware are leveraging a variant of the Phobos ransomware to conduct their financially motivated...
Akira Ransomware Victim: ATC SA
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Akira Ransomware Victim: Metro MPLS
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
LockBit 3.0 Ransomware Victim: planethomelending[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: hsksgreenhalgh[.]co[.]uk
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
