Prometei botnet improves modules and exhibits new capabilities in recent updates
The high-profile botnet, focused on mining cryptocurrency, is back with new Linux versions.
Lemon Duck spreads its wings: Actors target Microsoft Exchange servers, incorporate new TTPs
By Caitlin Huey and Andrew Windsor with contributions from Edmund Brumaghin. * Lemon Duck continues to refine and improve upon their tactics, techniques and procedures as they attempt to maximize the effectiveness of their campaigns. * Lemon Duck remains relevant as the operat
Breaking down a two-year run of Vivin’s cryptominers
News Summary * There is another large-scale cryptomining attack from an actor we are tracking as "Vivin" that has been active since at least November 2017. * "Vivin" has consistently evolved over the past few years, despite having poor operational security and exposing key det
Advanced Mobile Malware Campaign in India uses Malicious MDM
Summary Cisco Talos has identified a highly targeted campaign against 13 iPhones which appears to be focused on India. The attacker deployed an open-source mobile device management (MDM) system to control enrolled devices. At this time, we don't know how the attacker managed to