8220 gang exploits old Oracle WebLogic vulnerability to deliver infostealers, cryptominers.

The 8220 gang has been leveraging an old Oracle WebLogic Server vulnerability (CVE-2020-14883) to distribute malware, the Imperva Threat Research team has found…

Hacker Sells Access to Binance’s Law Enforcement Portal.

A threat actor attempts to sell access to a sensitive area of Binance — the major cryptocurrency exchange’s…

Hacker Uses Infostealer Data to Gain Access to Brazil’s Police Portal.

It is not uncommon for threat actors to exploit login data obtained from Infostealer infections to carry out various types of cyberattacks…

Infostealer Credentials Compromise Password Managers, Posing Identity and Financial Theft Risks.

In today’s digital landscape, the reliance on password managers has become commonplace, providing users with a sense of security…

Lumma malware can allegedly restore expired Google auth cookies.

Session cookies are specific web cookies used to allow a browsing session to log in to a website’s services automatically…

Lumma Stealer malware now uses trigonometry to evade detection.

The Lumma information-stealing malware is now using an interesting tactic to evade detection by security software…

Threat to Security: Lumma Infostealer Unlocks Unstoppable Access to Google Cookies.

In a significant development, the creators of the well-known Infostealer group, Lumma, have reportedly made a groundbreaking discovery…

Atomic Stealer | Threat Actor Spawns Second Variant of macOS Malware Sold on Telegram.

Recent weeks have seen a number of macOS-specific infostealers appear for sale in crimeware forums…

RHADAMANTHYS: THE “EVERYTHING BAGEL” INFOSTEALER.

What causes a man to wake up one day and say, “I’m going to build my own malware and go sell it to cybercriminals on the dark web”?

Rapid7 Observes Use of Microsoft OneNote to Spread Redline Infostealer and Qakbot Malware.

Rapid7 routinely conducts research into the wide range of techniques that threat actors use to conduct malicious activity…

Fake Update Utilizes New IDAT Loader To Execute StealC and Lumma Infostealers.

Recently, Rapid7 observed the Fake Browser Update lure tricking users into executing malicious binaries…

Overview of the Russian-speaking infostealer ecosystem: the logs.

This blog post aims at presenting the life cycle of logs, the cybercrime marketplaces dedicated to logs and the noticeable schemes…