2022-06-28 16:01   Feds Knock RSocks Off: Another Big Botnet Bites the Dust    #blackberry #threat-intelligence RSocks is a product for cybercriminal activities, which is powered by a botnet of infected devices. On June 16, the U.S. Department of Justice announced that they disrupted this botnet, working together with law enforcement partners in Europe and the UK.

2022-06-27 16:01   Threat Spotlight: Eternity Project MaaS Goes On and On    #blackberry #threat-intelligence The Eternity Project is a malware toolkit sold as a malware-as-a-service (MaaS) opportunity. Threat actors running the service market their product in both English and Russian, and appear to have links to the Russian “Jester Group.”

2022-06-23 05:00   BlackBerry Prevents ZingoStealer    #blackberry #threat-intelligence ZingoStealer malware disguises itself as “free” software to attract both attackers and victims. This threat steals sensitive user data and delivers malicious payloads to target machines. BlackBerry prevents ZingoStealer.

2022-06-16 16:01   Threat Thursday: Unique Delivery Method for Snake Keylogger    #blackberry #threat-intelligence A recently found downloader for Snake Keylogger brings several slippery evasion tactics together. It socially engineers its victims, targets organizations/users that failed to patch a known exploit, and uses a variety of twists and turns in an effort to evade traditional antivirus products.

2022-06-13 22:00   BlackBerry Prevents LokiLocker    #blackberry #threat-intelligence Like its namesake Norse deity, LokiLocker has many malicious tricks up its sleeve. This recently identified ransomware compromises the victim’s data immediately. BlackBerry CylancePROTECT® prevents LokiLocker.

2022-06-09 20:01   Symbiote: A New, Nearly-Impossible-to-Detect Linux Threat    #blackberry #threat-intelligence There's a new, nearly-impossible-to-detect Linux threat that may be hiding in your running processes. Learn more about "Symbiote," discovered via new joint research by Intezer and BlackBerry.

2022-06-09 20:01   Threat Flash: A New Linux Threat Identified—Symbiote    #blackberry #threat-intelligence BlackBerry and Intezer have just released joint research detailing a new, undetected Linux threat called Symbiote. Different from other Linux malware, the threat infects running processes rather than using a standalone executable file to inflict damage.

2022-06-03 03:15   Follina Zero-Day Weaponizes Microsoft Help Tool    #blackberry #threat-intelligence A new zero-day attack goes after Windows® users in an extremely dangerous way. Someone receiving a malicious file can unknowingly advance the attack by simply hovering over and previewing a malicious file, such as a Microsoft® Word document.

2022-06-03 00:00   BlackBerry Prevents BoratRAT    #blackberry #threat-intelligence Named after a certain comedic character, BoratRAT is a malware toolkit that's no laughing matter. This threat can act as ransomware and initiates total control of a device. BlackBerry protects against BoratRAT.

2022-06-02 16:01   Threat Thursday: BlackCat Slinks Out of the Shadows with Ransomware-as-a-Service    #blackberry #threat-intelligence BlackCat is bigger and badder than ever. ALPHV, the threat group behind BlackCat, recently introduced the option for other threat actors to subscribe to its Ransomware-as-a-Service (RaaS) offering.

2022-05-24 16:01   Yashma Ransomware, Tracing the Chaos Family Tree    #blackberry #threat-intelligence It’s not often that we get to observe the 'behind-the-scenes' drama that can accompany the creation of new malware. One such glimpse gave us new insights into the origins of Chaos malware, revealing a twisted family tree that links it to both Onyx and Yashma ransomware variants.

2022-05-20 04:45   .NET Stubs: Sowing the Seeds of Discord    #blackberry #threat-intelligence Early in 2022, a wiper dubbed WhisperGate targeted Ukrainian government and private sector organizations. Using open-source intelligence techniques, we found MSIL stubs within this malware that helped us uncover additional threats and link them to specific campaigns by other threat actors.

2022-05-13 07:00   Russia-Linked Conti Group Creates National Emergency for Costa Rica    #blackberry #threat-intelligence The threat group behind Conti ransomware is causing a national crisis in Costa Rica, where government agencies are being hammered by relentless cyberattacks. In addition to attacking more targets, Conti’s possible connections to Emotet and Black Basta suggest its influence may be growing.

2022-05-12 16:01   Threat Thursday: Malware Rebooted - How Industroyer2 Takes Aim at Ukraine Infrastructure    #blackberry #threat-intelligence Since the outbreak of conflict in Eastern Ukraine in 2014, there have been several notable attempts to disrupt the electrical infrastructure of the country. While an attack with Industroyer2 was recently thwarted, analysis of this malware provides useful insight into threat actors’ behaviors.

2022-05-11 23:00   BlackBerry Prevents Purple Fox Rootkit    #blackberry #threat-intelligence Active since early 2022, Purple Fox is a malware campaign distributed using a fake Telegram installer. The malware attempts to stay under the radar by breaking its attack chain into multiple, discrete stages with each stage carried out by a different file. BlackBerry protects against Purple Fox.