Security Affairs
JULY 28, 2022
The Microsoft Threat Intelligence Center (MSTIC) and the Microsoft Security Response Center (MSRC) researchers linked a threat group known as Knotweed to an Austrian surveillance firm named DSIRF, known for using multiple Windows and Adobe zero-day exploits. or later to detect the related indicators. Pierluigi Paganini.
SecureList
NOVEMBER 26, 2021
In June, more than six months after DarkHalo had gone dark, we observed the DNS hijacking of multiple government zones of a CIS member state that allowed the attacker to redirect traffic from government mail servers to computers under their control – probably achieved by obtaining credentials to the control panel of the victims’ registrar.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Security Affairs
JULY 7, 2019
Firefox finally addressed the Antivirus software TLS Errors. China installs a surveillance app on tourists phones while crossing in the Xinjiang. Godlua backdoor, the first malware that abuses the DNS over HTTPS (DoH). After 2 years under the radars, Ratsnif emerges in OceanLotus ops. LooCipher: The New Infernal Ransomware.
SecureList
MAY 31, 2021
We believe this is a continuation of a campaign last summer, reported by Avast , in which the malware masqueraded as the Malwarebytes antivirus installer. In the latest campaign , we observed the malware impersonating several applications: the ad blockers AdShield and Netshield, as well as the OpenDNS service.
SecureList
APRIL 27, 2021
Although Lyceum still prefers taking advantage of DNS tunneling, it appears to have replaced the previously documented.NET payload with a new C++ backdoor and a PowerShell script that serve the same purpose. Our telemetry revealed that the threat group’s latest endeavors are focused on going after entities within one country – Tunisia.
Expert insights. Personalized for you.
90 
Let's personalize your content