Security Research

A new phishing campaign, which uses fake WhatsApp voice messages to trick victims into installing infostealing malware, has already targeted over 27,000 users.

A new remote access Trojan (RAT) by the name of Borat has been appearing on darknet markets. Borat is designed to be easy-to-use, and gives attackers the ability to deploy ransomware, perform DDoS attacks, bypass user account control (UAC), access files and network devices, and even take complete control of a victim's mouse and keyboard.

Google has issued an update for its Chrome browser that patches the second "high severity" zero-day vulnerability this year. All 3.2 billion Chrome users are urged to update to Chrome 99.0.4844.84 for Windows, Mac, or Linux immediately.

Multiple government sites in Ukraine were shut down on January 13, 2022, the result of a large-scale cyberattack by the WhisperGate malware. Microsoft Intelligence named this activity "DEV-0586" and identified it as destructive malware that used to be ransomware. Its main purpose is to disrupt the system and damage files beyond the possibility of their recovery.

Pandora ransomware has hit the Japan-based DENSO Corporation, one of the largest automotive parts manufacturers in the world. DENSO — which has more than 200 subsidiaries, almost 170,000 employees, and an annual revenue of over $44 billion — provides parts to Toyota, who just dealt with their own cyberattack, as well as Mercedes-Benz, Fiat, and others.

The Lapsus$ ransomware group has attacked Samsung Electronics, and leaked 190 GB of data — including the source code of bootloaders, activation servers, and trusted applets.

Expeditors, a global logistics giant and top-five freight management company by revenue, recently suffered a cyberattack. The incident appears to involve ransomware.

Storm Ylenia caused chaos in Germany last week, bringing gale-force winds that toppled trees, caused power outages, and even forced the shutdown of long-distance trains in seven of the country's states.

Vodafone Portugal, a subsidary of UK-based Vodafone Group, has had to take their networks offline after they became the victim of a cyberattack.

Famed rock star Ozzy Osbourne recently announced a new NFT project by the name of CryptoBatz. After a change in promotional URLs, phishers were able to steal more than $40,000 from over 1,300 unsuspecting collectors looking to buy NFTs from CryptoBatz.

A new infostealer called BHUNT is looting cryptocurrency wallet contents, passwords, and security phrases.

The infamous FIN8 hacking group appears to be entering the ransomware space with a new ransomware strain dubbed White Rabbit.