» Threat Intelligence Blog

On February 10, 2023, Phylum security researchers reported a resurgence in a previously seen campaign typosquatting legitimate Python PyPI packages with malicious packages to deliver a malware with cryptocurrency wallet clipboard replacing capabilities. Context  In November 2022, Phylum reported a similar campaign “in which threat actors attempted to replace cryptocurrency addresses in developer clipboards with…

On January 4, 2023, Ahn Lab Security Response Center (ASEC) researchers reported the technical details of a new Linux malware written using Shc delivering a cryptocurrency miner. ASEC researchers assess that the campaign is primarily targeting unspecified systems in South Korea. According to ASEC researchers, the malware authenticates through a dictionary attack on Linux SSH…

Vienna, VA (November 7, 2022) – The Retail & Hospitality Information Sharing and Analysis Center (RH-ISAC) today released its Holiday Season Cyber Threat Trends report, which examines the threat landscape facing the retail and hospitality sector during the holiday season, typically the busiest time of year for these industries. According to the report, QakBot, Emotet, Agent…

Context On October 4, 2022, DCSO CyTec security researchers reported the technical details of a new backdoor malware targeting Microsoft SQL servers they dubbed “Maggie.” According to researchers, the Maggie backdoor can bruteforce logins to other MSSQL servers and add a new hardcoded backdoor user after bruteforcing administrator logins. Researchers did not investigate if and…

Vienna, VA (September 29, 2022) – The Retail & Hospitality Information Sharing and Analysis Center (RH-ISAC) today released the first-ever public version of the Retail & Hospitality Intelligence Trends Summary, which analyzes trends in the cyberthreat landscape for the retail, hospitality, and travel sectors. The report sheds light on the top threats and malware families reported…