Over the last two weeks, we saw reports of a new, undetected malware affecting Linux® operating systems, discovered by researchers a few months back, that acts in a parasitic nature and has been aptly named Symbiote. In addition, back from the dead, Emotet returns in 2022.
For more articles, check out our #onpatrol4malware blog.
How Tinder scammers steal your heart, then your money
Love bombing, catfishing, blackmail, and more: Here are common tactics criminals use to lure you into parting with cash or private information. Read more.
Sophisticated Ransomware targeting Windows and Linux Users
Zero-day exploits or recently patched/unpatched vulnerabilities are attractive targets for Threat Actors (TAs) to deploy malware efficiently. TAs leverage these vulnerabilities and exploit them to deliver various types of malware to steal sensitive information for financial gain. Read more.
Back From the Dead, Emotet Returns in 2022
Source: Deep Instinct
Emotet malware started from humble beginnings as a banking Trojan in 2014. The threat actors behind Emotet have been credited as one of the first criminal groups to provide Malware-as-a-Service (MaaS). Read more.
LockBit 2.0: How This RaaS Operates and How to Protect Against It
Source: Unit 42
LockBit 2.0 is ransomware as a service (RaaS) that first emerged in June 2021 as an upgrade to its predecessor LockBit (aka ABCD Ransomware), which was first observed in September 2019. Read more.
Symbiote: A New, Nearly-Impossible-to-Detect Linux Threat
A few months back, researchers discovered a new, undetected malware that acts in this parasitic nature affecting Linux® operating systems. We have aptly named this malware Symbiote. Read more.
Aoqin Dragon | Newly-Discovered Chinese-linked APT Has Been Quietly Spying On Organizations For 10 Years
Source: Sentinel Labs
SentinelLabs has uncovered a cluster of activity beginning at least as far back as 2013 and continuing to the present day, primarily targeting organizations in Southeast Asia and Australia. Read more.
Black Basta ransomware now supports encrypting VMware ESXi servers
Source: Security Affairs
The Black Basta ransomware gang now supports encryption of VMware ESXi virtual machines running on Linux servers. Researchers from Uptycs first reported the discovery of the new Black Basta ransomware variant that supports encryption of VMware ESXi servers. Read more.
NSA, CISA, and FBI Expose PRC State-Sponsored Exploitation of Network Providers, Devices
Source: National Security Agency
The NSA, CISA, and FBI released a Cybersecurity Advisory (CSA) today, “People’s Republic of China State-Sponsored Cyber Actors Exploit Network Providers and Devices.” Read more.