Month: August 2025
-
Midyear Doppelganger information operations in Europe and the US
This investigation delves into information operations conducted by Russian actors known as Doppelgänger, focusing on their activities from early June…
-
ThrottleStop driver abused to terminate AV processes
A recent incident response case in Brazil revealed a new antivirus (AV) killer software circulating since October 2024. This malware…
-
Bumblebee Malware SEO Poisoning Campaign Leads to Akira Ransomware Deployment
A coordinated threat campaign has been identified leveraging SEO poisoning to distribute Bumblebee malware via trojanized installers of IT management…
-
Bumblebee Malware SEO Poisoning Campaign Leads to Akira Ransomware Deployment
A coordinated threat campaign has been identified leveraging SEO poisoning to distribute Bumblebee malware via trojanized installers of IT management…
-
Raspberry Robin: Latest Updates and Improvements
Raspberry Robin, a malicious downloader active since 2021, has undergone significant updates. It now employs improved obfuscation methods, including multiple…
-
Active Exploitation of SonicWall VPNs
A potential zero-day vulnerability in SonicWall VPNs is being actively exploited to bypass MFA and deploy ransomware. The attack chain…
-
Active Exploitation of SonicWall VPNs
A potential zero-day vulnerability in SonicWall VPNs is being actively exploited to bypass MFA and deploy ransomware. The attack chain…
-
Active Exploitation of SonicWall VPNs
A potential zero-day vulnerability in SonicWall VPNs is being actively exploited to bypass MFA and deploy ransomware. The attack chain…
-
Active Exploitation of SonicWall VPNs
A potential zero-day vulnerability in SonicWall VPNs is being actively exploited to bypass MFA and deploy ransomware. The attack chain…
-
Active Exploitation of SonicWall VPNs
A potential zero-day vulnerability in SonicWall VPNs is being actively exploited to bypass MFA and deploy ransomware. The attack chain…