F5 Labs security researchers have spotted four cyber campaigns using Panda malware, a spinoff of the infamous Zeus banking trojan. The campaigns were active between February and May of 2018. Three of them are still active as of this month.
Palo Alto Unit 42 security researchers have been tracking a cryptocurrency mining malware dubbed ‘Rarog’ that has been sold in underground cybercriminal forums since June of 2017.
The United States Department of Justice announced that nine Iranian citizens, working on behalf of the Iranian government, were charged in a massive computer hacking campaign.
A suspected Chinese-linked cyber espionage campaign dubbed Temp.Periscope has been targeting engineering and maritime industries. FireEye has observed a spike in the campaign activity since early 2018 and has tracked the activity since 2013.
Russian government cyber activity has targeted U.S. Government entities, energy and other critical infrastructure sectors. The activity has been ongoing since at least March 2016, according to a US-CERT Technical Alert (TA).
Proofpoint security researchers have found a new Traffic Distribution System (TDS) dubbed BlackTDS for sale on the Dark Web.
McAfee released its Labs Threats Report for Q4 2017. The report includes botnet campaign details regarding the Necurs and Gamut botnets, as well as the Dridex banking Trojan and ransomware payloads from GlobeImposter, Locky and Scarab.
The Sofacy group (aka APT28, Fancy Bear, and Pawn Storm) has allegedly attacked and breached the German government’s secure computer network. Many security experts believe the cyberespionage group has ties back to the Russian government.
The Internet Crime Complaint Center (IC3) has issued an alert on W-2 phishing campaigns. In the latest scam, criminals are targeting sensitive tax information by using IRS-related phishing emails.
Threat actors of likely Nigerian origin are using business email compromise scams (BECs) to target Fortune 500 companies.