Posts

Unleashing Chaos: Craxs Rat Update V5 Introduces Terrifying New Features

The notorious Craxs Rat malware has recently unleashed its latest version, Update V5, introducing a range of new features and enhancements. This update further strengthens the capabilities of Craxs Rat, posing an increased threat to individuals and organizations alike. In this article, we delve into the details of the updated features of Craxs Rat V5, shedding light on its improved functionality and potential impact on cybersecurity.
Recent posts

GoldenJackal APT group: A threat to government and diplomatic entities in the Middle East and South Asia

A new report from the cybersecurity firm Securelist has identified a new APT group that has been active since at least 2019. The group, which is named GoldenJackal, is believed to be based in Iran and is known for targeting government and diplomatic entities in the Middle East and South Asia. GoldenJackal has used a variety of techniques to compromise its targets, including phishing, spear phishing, and watering hole attacks. The group has also been known to use custom malware, including backdoors, stealers, and wipers.

BlackLotus UEFI Bootkit: A New Threat to Windows Security

In March 2023, security researchers from ESET announced the discovery of a new UEFI bootkit called BlackLotus. This bootkit is capable of bypassing UEFI Secure Boot, a security feature designed to prevent malware from infecting a computer's firmware. Once BlackLotus is installed, it can give an attacker complete control over the computer, including the ability to steal data, install other malware, and disrupt the computer's operation. BlackLotus is a sophisticated piece of malware that is difficult to detect and remove. Because it is relatively new, public information about how it works is still limited; however, ESET researchers have been able to learn a great deal about BlackLotus and have published a detailed analysis of the malware.

Recent updates to Prometei botnet reveal enhanced modules and expanded capabilities

The Prometei botnet has been an ongoing threat since Cisco Talos first reported on it in 2020. As of November 2022, the botnet has improved its infrastructure components and capabilities, including certain submodules of the execution chain that automate processes and challenge forensic analysis methods. Based on data obtained by sinkholing the DGA domains over a one-week period in February 2023, the Prometei v3 botnet is estimated to be of medium size, with more than 10,000 infected systems worldwide. The actors have been actively spreading improved Linux versions of the bot, continuously improving the current version.

Chinese Spy Balloon Spotted Over Central US, Secretary of State Blinken Postpones Trip to China

The US Pentagon announced on Friday that it had detected a Chinese spy balloon flying over the central United States. The US rejected China's claim that the balloon was a weather research airship and described it as a surveillance vehicle. Brig. Gen. Pat Ryder, the Pentagon press secretary, stated that the balloon was at an altitude of 60,000 feet, was maneuverable and posed no threat at the moment. The US Secretary of State Antony Blinken postponed a planned trip to China in response to the discovery of the balloon. The balloon was spotted over Montana, which is home to one of America's nuclear missile silo fields. The US prepared fighter jets, including F-22s, to shoot down the balloon, but ultimately decided against it due to the potential risks to people on the ground. China expressed regret for the balloon's entry into US airspace and said it was a civilian airship used mainly for meteorological research.

Prilex: The Most Advanced PoS Malware with the Ability to Block Contactless Payments

Prilex is a highly advanced malware that has evolved from ATM-focused malware into a unique modular PoS malware, known to be the most advanced PoS threat seen so far. It has a unique cryptographic scheme, performs real-time patching in target software, forces protocol downgrades, manipulates cryptograms, performs GHOST transactions, and commits credit card fraud. Recently, three new versions of Prilex have been discovered with the ability to block contactless payment transactions, which have become popular due to the pandemic. These new versions block NFC-based transactions and force victims to use their physical card by inserting it into the PIN pad reader, which allows the malware to capture the data coming from the transaction.

Newcomers to the Cybersecurity Space: Opportunities Abound for Those Willing to Learn and Adapt to an Evolving Industry

There are several key roles within the cybersecurity field that are in high demand in the job market. Some of the top profiles in the market include:

Cybersecurity Analyst: These professionals are responsible for identifying, assessing, and mitigating security threats to an organization's computer systems and networks.

Penetration Tester: Also known as ethical hackers, these professionals are hired to test the security of an organization's systems and networks by simulating a cyberattack.

Security Engineer: These professionals design, develop, and implement security systems and solutions to protect an organization's networks and data.

Security Operations Center (SOC) Analyst: These professionals monitor and analyze security data to detect and respond to potential security threats and incidents.