Threat Intelligence |
Sponsored by |
The Koobface Gang gained notoriety from 2008 to the 2010s for spreading malware via Facebook and other social networks. Believe it or not, the gang amassed millions of dollars from their online scams while hiding in plain sight in St. Petersburg, Russia. After being publicly identified in 2012, the gang members shut down their operations. more
Aoqin Dragon, like the mythical character it's named after, has recently been unearthed after nearly a decade of flying under the cybersecurity community's radar. Now believed to have been active since 2013, the advanced persistent threat (APT) group has targeted various organizations in the government, education, and telecommunications sectors. more
For US$2,500, threat actors can employ Matanbuchus, a malware-as-a-service (MaaS) package found delivering Cobalt Strike beacons through phishing and spam messages. Cobalt Strike is a powerful security tool that threat actors are increasingly using as a reconnaissance and post-exploitation weapon. more
Threat actors are increasingly impersonating businesses in phishing attacks. In May 2022, 52% of business email compromise (BEC) scams impersonated third-party organizations, exposing businesses to supply chain attacks. more
Conti ransomware surfaced as far back as 2020. Believed to have been created by Russia-based cybercriminal group Wizard Spider, it has been involved in a multitude of double extortion campaigns over the years. more
As technology advances, so does the world of espionage. That has given birth to several companies, such as Cytrox, that specialize in creating spyware. Predator, along with other applications of its kind, has been advertised as legal spyware-for-hire. more
Two cyber threats recently caught the attention of WhoisXML API researchers, primarily since parts of their infection chain hide behind legitimate services. This tactic is tricky for security teams because blocking the domains involved means blocking legitimate applications, too. more
Cyber attackers typically use newly registered domains (NRDs) in their campaigns to evade detection, particularly since the implementation of privacy protection in WHOIS records. But some also use aged domains like the SolarWinds hackers to render a sense of legitimacy to their pages. more
Premium Short Message Service (SMS) abuse is no longer new. But it's pretty rare for such threats to rack up hundreds of dollars in additional phone bill costs for every victim each year. more
Threat actors don't rest. Their malicious campaigns operate 24/7, especially when special occasions are approaching. Last May, we discovered over a thousand web properties related to Mother's Day, many of which either hosted questionable content or have been flagged as malicious. more