More than a decade ago, rootkits were the apex predators of cybercrime.
These clandestine computer programs were built to offer attackers an uninterrupted foothold onto victims’ computers and conceal malicious activities from the operating system as well as from antimalware solutions.
For the past few months, Bitdefender researchers have seen a surge in malicious drivers with valid digital signatures issued through the WHQL signing process.
FiveSys – a digitally signed rootkit that made its way through the driver certification process.
Sign Up For Threat Alerts
Aug 08, 2022
RapperBot – new evolving malware
FortiGuard Labs has been tracking a rapidly evolving IoT malware family known as "RapperBot". This...
Aug 04, 2022
Google Drive And Dropbox Used By APT29...
Cloaked Ursa (aka: APT29) has been targeting governmental entities in several countries with spear-phishing campaigns...
Aug 03, 2022
Manjusaka: A Chinese sibling of Sliver and...
Cisco Talos recently discovered a new attack framework called "Manjusaka" being used in the wild...
Aug 03, 2022
macOS Targeted With The CloudMensis Multi-Staged Malware
ESET researchers discovered a previously unknown macOS backdoor that spies on users of the compromised...
Aug 01, 2022
Attackers Target Ukraine With GoMet Backdoor
Since the Russian invasion of Ukraine began, Ukrainians have been under a nearly constant barrage...
Jul 31, 2022
Untangling KNOTWEED: European private-sector offensive actor using...
The Microsoft Threat Intelligence Center (MSTIC) and the Microsoft Security Response Center (MSRC) found a...
Jul 31, 2022
Untangling KNOTWEED: European private-sector offensive actor using...
The Microsoft Threat Intelligence Center (MSTIC) and the Microsoft Security Response Center (MSRC) found a...
Jul 26, 2022
EvilNum Targets Cryptocurrency, Forex, Commodities
Proofpoint Threat Research observed the group Proofpoint calls TA4563 targeting various European financial and investment...
Jul 25, 2022
Lightning Framework: New Undetected “Swiss Army Knife”...
Lightning is a previously undocumented and undetected Linux threat. Lightning is a modular framework we...
Jul 24, 2022
Redeemer Ransomware
Redeemer 2.0 Being Distributed Via Affiliate Program Cyble Research Labs has constantly been tracking emerging...
Jul 21, 2022
Cobalt Strikes again: UAC-0056 continues to target...
The Malwarebytes Threat Intelligence team recently reviewed a series of cyber attacks against Ukraine that...
Jul 20, 2022
Trello From the Other Side: APT29 Phishing...
Beginning mid-January 2022, Mandiant detected and responded to an APT29 phishing campaign targeting a diplomatic...
Jul 18, 2022
New OrBit Linux Malware That Hijacks Execution...
New and entirely undetected Linux threat dubbed OrBit, signally a growing trend of malware attacks...
Jul 18, 2022
North Korean threat actor targets small and...
A group of actors originating from North Korea that Microsoft Threat Intelligence Center (MSTIC) tracks...
Jul 13, 2022
ChromeLoader – New Stubborn Malware Campaign
A new browser hijacker/adware campaign named ChromeLoader (also known as Choziosi Loader and ChromeBack) was...