Ransomware Review – February 2022

Our rundown of the key ransomware events, attacks, and group activity from February. The FBI has issued an advisory warning that the BlackByte ransomware group has been observed targeting multiple US-based entities, including at least three related to critical infrastructure. Government facilities, alongside organisations in the financial, food and agriculture sectors, are all defined as …

EMEA and APAC governments targeted in widespread credential harvesting campaign

Cyjax analysts have uncovered a large credential harvesting campaign targeting multiple government departments in APAC and EMEA countries. Over 50 hostnames were analysed, many of which were posing as the Ministry of Foreign Affairs, Ministry of Finance, or Ministry of Energy, in various countries such as Uzbekistan, Belarus, and Turkey; as well as the Main …

Geopolitical and Cybersecurity Weekly Brief – 12 April 2021

In the Americas, US President Joe Biden announced gun control measures following a spate of recent mass shootings. Meanwhile, the US government ruled out a federal vaccine passport scheme as the rollout of coronavirus vaccinations has accelerated. Researchers have uncovered a cpuminer being delivered in malicious traffic targeting the US education sector. This could be …

Geopolitical and Cybersecurity Weekly – 20 July 2020

COVID-19 Cybersecurity Update: The US National Security Agency (NSA) and the UK National Cyber Security Centre (NCSC) have disclosed new information regarding Russian threat group APT29 targeting research organisations worldwide. The group is believed to operate on behalf of the Russian intelligence services. The campaign against organisations participating in coronavirus (COVID-19) vaccine development also targeted …

Spam campaign using Discord to host malware

Cyjax researchers have observed a recent malicious spam campaign pushing commodity malware such as the AgentTesla infostealer and AveMaria remote access Trojan (RAT). This campaign caught our attention due to its reliance on Discord, the instant messaging and VoIP application, to host its payloads. The spam emails are sent from spoofed sender addresses and masquerade …
