The Not-So-Secret Network Access Broker x999xx

Credit to Author: BrianKrebs| Date: Wed, 03 Jul 2024 16:41:34 +0000

Most accomplished cybercriminals go out of their way to separate their real names from their hacker handles. But among certain old-school Russian hackers it is not uncommon to find major players who have done little to prevent people from figuring out who they are in real life. A case study in this phenomenon is “x999xx,” the nickname chosen by a venerated Russian hacker who specializes in providing the initial network access to various ransomware groups.

Read more

Warning issued over increased activity of TrueBot malware

Categories: News

Categories: Ransomware

Tags: TrueBot

Tags: Cl0p

Tags: Silence Group

Tags: CVE-2022-31199

Tags: Raspberry Robin

Tags: FlawedGrace

Tags: Cobalt Strike

Tags: Teleport

CISA, the FBI, the MS-ISAC, and the CCCS have warned about increased activity of the TrueBot malware in the US and Canada.

(Read more…)

The post Warning issued over increased activity of TrueBot malware appeared first on Malwarebytes Labs.

Read more

Update now! GoAnywhere MFT zero-day patched

Categories: News

Tags: GoAnywhere MFT

Tags: managed file transfer

Tags: Kevin Beaumont

Tags: Brian Krebs

Tags: emergency patch 7.1.2

Tags: Fortra

Tags: Cobalt Strike

Tags: Florian Hauser

Tags: Code White

A bug in GoAnywhere, a B2B management file transfer software, could lead to a serious supply chain attack if left unpatched. Update now!

(Read more…)

The post Update now! GoAnywhere MFT zero-day patched appeared first on Malwarebytes Labs.

Read more

Silence is golden partner for Truebot and Clop ransomware

Categories: News

Categories: Ransomware

Tags: Silence

Tags: TA505

Tags: Clop ransomware

Tags: Truebot

Tags: Grace

Tags: Cobalt Strike

Tags: Teleport

Tags: FIN11

Researchers have identified two new Truebot botnets that are using new versions of the Truebot downloader Trojan to infiltrate and explore a target’s network.

(Read more…)

The post Silence is golden partner for Truebot and Clop ransomware appeared first on Malwarebytes Labs.

Read more

Cobalt Strikes again: UAC-0056 continues to target Ukraine in its latest campaign

Credit to Author: Threat Intelligence Team| Date: Wed, 13 Jul 2022 16:17:09 +0000

While the war in Ukraine still rages, various threat actors continue to launch cyber attacks against its government entities. In this blog we review the latest campaign from the UAC-0056 threat group.

The post Cobalt Strikes again: UAC-0056 continues to target Ukraine in its latest campaign appeared first on Malwarebytes Labs.

Read more