Latest Attack Reports

Title Published Tags Description IOCs
ACSC - Malicious URLS High Confidence September 13, 2024 This pulse contains malicious URLs provided by the ACSC (Australian Cybersecurity Center). This pulse contains high-confidence ma… 1
Hadooken Malware Targets Weblogic Applications September 13, 2024 Aqua Nautilus researchers identified a Linux malware, named Hadooken, targeting Oracle WebLogic servers. Upon gaining initial acc… 4
A SOC Team’s Guide to Detecting macOS Atomic Stealers September 13, 2024 This article provides an analysis of the Atomic Infostealer malware family, which has been targeting macOS users throughout 2024.… 3
DragonRank, a Chinese-speaking SEO manipulator service provider September 12, 2024 Cisco Talos is disclosing a new threat called “DragonRank” that primarily targets countries in Asia and a few in Europe, operatin… 35
Phishing Via Typosquatting and Brand Impersonation: Trends and Tactics September 12, 2024 From February to July 2024, an analysis of over 500 popular domains revealed more than 10,000 malicious lookalike domains employi… 10
Targeted Iranian Attacks Against Iraqi Government Infrastructure September 12, 2024 Check Point Research uncovered a new malware campaign targeting Iraqi government entities, employing custom tools named Veaty and… 16
19 Websites Identified as Part of an Iranian Global Influence Operation September 12, 2024 An investigation has uncovered a network of 19 websites created by Iran as part of a global influence operation. These sites, pre… 19
New RansomHub attack uses TDSKiller and LaZagne, disables EDR September 11, 2024 A recent analysis by the ThreatDown MDR team has uncovered a novel attack method employed by the RansomHub ransomware gang. The a… 2
Ransomware in the Cloud: Scattered Spider Targeting Insurance and Financial Industries September 11, 2024 The Scattered Spider cybercriminal group is targeting cloud infrastructures in the insurance and financial sectors using advanced… 12
Threat Assessment: Repellent Scorpius, Distributors of Cicada3301 Ransomware September 11, 2024 Repellent Scorpius is a new ransomware-as-a-service group distributing Cicada3301 ransomware. It emerged in May 2024 and employs … 8