The infamous Hive ransomware gang has been busy lately. Just in the last week, they've claimed responsibility for four new victims.

An ongoing phishing campaign is abusing a feature from LinkedIn called Smart Links in order to bypass some security filters.

The Quantum and BlackCat ransomware gangs are now using the Emotet botnet to deploy their payloads. Emotet was first deployed as a banking trojan in 2014, and has since evolved into a network of compromised computers.

On June 22, 2022, CNCERT IoT Threat Research Team and NSFOCUS FuYingLab monitored a new botnet that was attacking IoT devices. Naming the threat ‘RapperBot,’ researchers found more than 5,000 compromised hosts, but no attack commands were spotted. In analyzing samples, cybersecurity analytics found similarities with Mirai Bot, whose source code has been leaked.

Researchers have identified new cyber-espionage activity focusing on government entities, state-owned aerospace and defense firms, telecom companies, and IT organizations in multiple Asian countries.

A new phishing campaign has seen attackers impersonate Microsoft in order to bait recipients into inadvertently exposing their account credentials. Victims are invited to add a message of condolence on an online memorial board "in memory of Her Majesty Queen Elizabeth II."

The backdoor known as SideWalk, or StageClient, has been observed in various attacks over the last year, mainly against academic targets in East and Southeast Asia. These attacks were mainly against Windows systems, but a new variant targeting Linux systems has been discovered with similar functionality.