DarkCloud Stealer: Inside a Sophisticated Malware Campaign Using AutoIt

Introduction: Unit 42 researchers have recently uncovered an advanced phishing campaign leveraging DarkCloud Stealer, an information-stealing malware active since 2022. This malware uses complex evasion techniques, including AutoIt scripting, to bypass security mechanisms and extract sensitive user data. Here’s a breakdown of how this stealthy malware operates and what you can do to protect your …

Was M&S incident likely to be Ransomware?

UK retail giant Marks and Spencer (M&S) has confirmed a recent “cyber incident” that disrupted key services, including its Click and Collect orders and contactless payment systems. The company has implemented temporary operational changes to safeguard customer data and business continuity, while engaging external cybersecurity experts to investigate the breach. Key Details: Impacted Services: Delays …

Using AI to Improve Cybersecurity

Thanks to Ms Janette Toral for featuring us in Manila Times: “Data from recent analyses, sourced from studies conducted by Wilson Chua of Watchdog Cyber Defense, highlights concerning trends that underscore the urgent need for robust cybersecurity strategies. Adopting advanced AI-powered cybersecurity solutions is no longer optional for Philippine enterprises operating in the manufacturing, retail, …

In the News:

Distributed Denial-of-Service (DDoS) attacks have doubled in 5 years (2018 to 2023). They have also evolved over time. We see hackers using spoofed IP addresses while launching attacks from compromised servers. Hackers adopted this tactic of using spoofed IP addresses to “cover their tracks”. Changing the IP addresses makes it appear as though the attacks come …

Wi-Fi Warfare: The Shocking New Hack That Exploits Neighboring Businesses

A Russian state-sponsored hacking group, GruesomeLarch (also known as APT28 or Fancy Bear), has developed a sophisticated method called the “Nearest Neighbor Attack.” This technique allows hackers to remotely infiltrate organizations by exploiting the Wi-Fi networks of nearby businesses, without needing malware or physical presence. How the Attack Worked: The attack was discovered in February …