Law enforcement agencies shut down xDedic, a cybercrime-as-a-service (CaaS) marketplace specifically providing web servers to cybercriminals, back in 2019. However, WhoisXML API threat researcher Dancho Danchev posits that parts of its backend infrastructure may remain traceable. more
New kids on the cybercrime block, pig butchering scams, have been making waves lately, and it is not surprising why. Scammers have been earning tons from them by being able to trick users into investing in seemingly legitimate business ventures but losing their hard-earned cash instead. more
Mandiant's Managed Defense Threat Hunting Team recently published an in-depth study of the malware distributed via what they have dubbed the "UNC2975 malvertising campaign." Users who have been tricked into clicking poisoned sponsored search engine results and social media posts ended up with computers infected with either the DANABOT or DARKGATE backdoor. more
The Log4Shell zero-day vulnerability, also known as "CVE -- 2021 -- 44228," proved to be one of the worst bugs disclosed in December 2021. And while a patch for it has been made available via the Log4j 2.17.1 release seven days after its discovery, some affected systems could remain vulnerable to date. more
The concept of internationalization extends from the virtual to the physical realm. Many people wish to travel or even migrate to other countries at some point in their lives. Unfortunately, that's sometimes easier said than done given the many legal documents, including valid IDs, passports, and others required. more
As long as cybercriminals remain in business, so will the number of underground marketplaces grow. And despite the crackdown on the biggest markets like Silk Road, cybercriminals will continue to strive to put up their own marketplaces, probably given their profitability. Case in point? more
Rogue bulletproof hosts are part and parcel of the cybercriminal market that is hidden deep underground. Without means to easily evade detection, attribution, and incarceration, many of today's cybercriminals would not be able to continue their malicious operations. more
Phishing campaigns almost always require a massive volume of domains in order to succeed. Phishers, after all, need to have readily weaponizable vectors at their disposal in case the ones they're currently employing get detected and consequently blocked. more
It's not uncommon for cybercriminals to tweak an existing piece of malware and then call it a new creation. We've seen that happen even in malware's earliest days. It's actually happening more and more these days, especially with the rise of the malware-as-a-service (MaaS) business model. more
Evolution isn't only for humans and other living things. Apparently, malware can evolve, too, and IcedID is a good example. First detected as a banking trojan in 2017, IcedID continues to undergo updates that make it even more dangerous. In the past few months, IcedID variants have been observed to deliver ransomware payloads instead of performing its original function -- stealing financial data. more