Mozi Malware Amasses IoT Network Traffic Quietly

A Peer-to-Peer (P2P) botnet named Mozi has been causing a considerable increase in overall IoT botnet activities since late 2019. Lately, IBM X-Force has released a report claiming the botnet has accounted for nearly 90% of the observed IoT network traffic from October 2019 through June 2020. The startling takeover: Instead of removing its competitors from the …

After Six Long Years, a New “Kitten” is Finally Out of the Hat

A large-scale Iranian espionage operation has largely managed to remain undetected for at least six years. Recently, security firm Check Point has managed to uncover the hacking group’s attack methods and hacking tools. Under the hood: According to Check Point, the Iranian state-backed APT group Rampant Kitten has carried out several surveillance operations on its victims. …

Failed Auction Pushed Actors to Release Their Banking Trojan For Free

Cerberus is a banking trojan for Android that was first identified on underground forums in August 2019 and has been in use for private operations since then. What happened? Recently, the attackers behind this malware released the source code for free on underground forums after a failed auction. It has been looking for a new owner for …

Spammers Craft Strange IP Address Trick to Evade Detection

Spammers keep looking for new and innovative tricks to deliver booby-trapped emails to as many inboxes as possible. Recently, Trustwave researchers published a report about a spam group that adopted a simple IP address format conversion trick for their spam campaigns to dodge detection. The strange IP addressing scheme: Since mid-July, the spammers have been sending emails …

Cobalt Strike: The Holy Grail for Cybercriminals

Cobalt Strike, a tool intended to be used by security researchers, is today a well-known paid toolkit exploited by cybercriminals for post-intrusion exploitation. What happened? Recently, Cisco Talos published a new research paper about the exploitation of the tool, along with new detection signatures to detect its misuse by threat actors. Recently, Chinese Ministry of State Security (MSS)-affiliated hackers attacked …

Iranian Hackers Run Rampant

Iranian threat actors are on a mission to create a worldwide disruption. State-backed hackers are primarily targeting North American and Israeli agencies, with a particular focus on the healthcare, government, technology, and defense sectors. Hot off the press: A six-year Iranian cyberespionage campaign has been unraveled, which targeted Iranian dissidents and expats. The attacks involved: Four strains …