Written By David Bisson

New Gallmaker Attack Group Using Living-off-the-Land Tactics in Espionage Campaign

A new attack group known as Gallmaker spied on military and government organizations by employing living-off-the-land tactics.

KeyBoy Attacker Group Uses Publicly Available Exploit Code to Deliver Malware

The KeyBoy attacker group recently used known exploit code for two Microsoft security flaws to infect machines with TSSL and Titan Android malware, according to AlienVault.

iTranslator Malware Installs Two Drivers to Perform a MitM Attack

Researchers from FortiGuard Labs discovered a malware sample called iTranslator that installs two drivers onto infected machines to perform man-in-the-middle (MitM) attacks.

Threat Actors Use Delphi Packer to Shield Binaries From Malware Classification

Security researchers observed threat actors using a Delphi packer to shield their binaries from malware classification by antivirus and other detection tools.

Sednit APT Group Uses First UEFI Rootkit Detected in the Wild to Execute LoJax Malware

For the first time ever, researchers discovered a UEFI rootkit in the wild that they believe the Sednit APT group used to execute LoJax malware.

Partnerstroka Tech Support Scam Preys on Users With New Browser Locking Tactic

Researchers discovered a large tech support scam operation called Partnerstroka that preyed on unsuspecting users with an innovative browser locking technique.

Victims of Turla Backdoor More Numerous Than Originally Thought

Researchers recently discovered that the number of victims of a unique backdoor developed by advanced threat group Turla is much higher than originally thought.

First Publicly Known Malicious Crypto-Mining Campaign Launched Via Kodi

Researchers at ESET discovered a malicious crypto-mining campaign launched via the Kodi platform that used add-on repositories to spread malware through Kodi's ecosystem and mine for Monero.

Cobalt Gang Using CobInt Downloader to Install Malware on Systems of Interest

Security researchers observed the threat group Cobalt Gang using a downloader known as CobInt to infect and subsequently install additional malware on systems of interest.

Mirai and Gafgyt IoT Malware Now Targeting SonicWall’s GMS and Apache Struts Exploits

Malware authors have released modified versions of the Mirai and Gafgyt IoT malware that are capable of targeting vulnerabilities affecting SonicWall's GMS and Apache Struts.