Wi-Fi Warfare: The Shocking New Hack That Exploits Neighboring Businesses
A Russian state-sponsored hacking group, GruesomeLarch (also known as APT28 or Fancy Bear), has developed a sophisticated method called the “Nearest Neighbor Attack.” This technique allows hackers to remotely infiltrate organizations by exploiting the Wi-Fi networks of nearby businesses, without needing malware or physical presence. How the Attack Worked The attack was discovered in February …
Is this attacker’s IP spoofed?
We’re actively sending abuse alert emails to network owners, alerting them to potential compromises on their servers. Recently, several TOR operators (middle, guard, and exit nodes) have reached out, reporting that their IPs were spoofed. While these claims have validity, we’d like to highlight that a significant amount of the TCP port 22 traffic we …
QakBot Malware Operators Expand C2 Network with 15 New Servers
The operators associated with the QakBot (aka QBot) malware have set up 15 new command-and-control (C2) servers as of late June 2023. Source: QakBot Malware Operators Expand C2 Network with 15 New Servers (thehackernews.com)
Custom Yashma Ransomware Crashes Into the Scene
The threat actor is targeting organizations in Bulgaria, China, Vietnam, and various English-speaking nations. Source: https://www.darkreading.com/threat-intelligence/custom-yashma-ransomware-crashes-into-the-scene