SapphireStealer: Stealthiness, Flexibility and Malware Delivery

SapphireStealer is a unique open-source infostealer that has already gained notoriety for attacks on corporations.

SapphireStealer is one such new information stealer, designed to steal various browser credential databases and files containing users’ sensitive information. The codebase for SapphireStealer was made public on GitHub on December 25th, 2022. According to the research, SapphireStealer can steal a wide range of information from the target system, and be flexible in setup and evasion…

DarkGate Loader Expands Activity, Delivers Ransomware

The developer leases DarkGate malware to its partners, increasing DarkGate malware activity

A new DarkGate malware deployment campaign has caught the attention of cybersecurity researchers. This was fueled by the developer’s decision to lease its product to a limited number of affiliates.

DarkGate Malware Activity Spikes as Developer Rents It Out

According to cybersecurity researchers, a new DarkGate malware campaign has caused a stir. It spreads through phishing…

Qakbot Botnet Hacked, Removed from Over 700,000 Machines

FBI's Operation 'Duck Hunt' dismantles Qakbot botnet, ending a reign of cyber terror

Qakbot, a notorious botnet, has been taken down by a multinational law enforcement operation spearheaded by the FBI, Operation “Duck Hunt”. The botnet, also called Qbot and Pinkslipbot, is considered one of the largest and longest-running botnets to date. According to conservative estimates, law enforcement officials have linked Qakbot to at least 40 ransomware attacks.…

Wilko Stock Liquidation Scams – Fake Shopping Sites

Fraudsters use the topic of stock liquidation as a basis for numerous shopping scams

Recent events around the Wilko retail chain are sad for its customers, but may also expose folks to financial dangers. Scammers use the news about shops and stock liquidation due to financial issues as a basis for a huge number of shopping scams. Let’s find out how they work, what their dangers are, and how…

Botnet of 400,000 Devices Used as Proxy Nodes Uncovered

If you've noticed a drop in network performance for no reason, your device may be infected

Cybercriminals used stealthy malware to create a botnet of 400,000 proxy servers. Although the company providing the proxy services claims that users voluntarily provided their devices, experts believe otherwise.

A botnet of 400,000 proxy servers

Cybersecurity researchers recently discovered a botnet with more than 400,000 existing proxy nodes. At first glance, the attackers appear as…

HiatusRAT Used in Attacks on Taiwan Companies and U.S. Military

HiatusRAT offers pretty unusual functionality that appears useful in sophisticated attacks

Recent attacks on US military systems and Taiwan companies are distinctive not only for the bold choice of targets, but also for the toolkit used. In the case of both targets, attackers used HiatusRAT as an initial access/reconnaissance tool. Aside from being used in these attacks, Hiatus Trojan has other things to boast of. US DoD…

Phishing With Hacked Sites Becomes a Massive Menace

Cybercriminals managed to put hacked sites into use for phishing purposes

Threat actors have started using compromised websites for phishing purposes much more frequently. Such worrying statistics have appeared in several recent studies. This is not a brand new approach, though it may be particularly effective for fraudulent purposes.

Hackers Use Poorly-protected Sites in Phishing Scams

Cybercriminals often target abandoned WordPress websites with poor maintenance and security…

Beware of Cryptocurrency Recovery Scams

If you have been scammed once, you may also be scammed twice.

Recently, the FBI reported an increase in scammers posing as companies offering to recover stolen cryptocurrency funds. These cunning intruders assure victims of cryptocurrency investment scams that they can retrieve their funds.

Cryptocurrency recovery scams

According to the same FBI report, losses from cryptocurrency investment scams officially exceeded $2.5 billion in 2022. However, this is not the…

Back to School Scams Expand As August Begins

For the next month, students and their parents should be vigilant.

As the new school season approaches, scammers target students and their parents. They use social engineering and offer free school kits and discounts to lure potential victims. Thus, back to school scams are gaining momentum.

The Season of Back to School Scams

Cybersecurity researchers discovered a scam campaign that uses PDF files. Under the guise…

Ivanti EPMM Vulnerability Patch is Vulnerable

Despite the best efforts of Ivanti programmers, older versions of their MobileIron Core can still be exploited

Ivanti, the provider of a wide range of management solutions for corporations, has apparently taken up the baton from Ipswitch, the vendor of the infamous MOVEit MFT. Analysts discovered 2 severe vulnerabilities in its EPMM over the last 10 days, and the company released urgent fixes. However, the patch for CVE-2023-35078 appears to be…