

2023-02-09 17:01   NewsPenguin, a Previously Unknown Threat Actor, Targets Pakistan with Advanced Espionage Tool    #blackberry #threat-intelligence A previously unknown threat actor is targeting organizations in Pakistan using a complex payload delivery mechanism. The attacker abuses the upcoming Pakistan International Maritime Expo & Conference (PIMEC-2023) as a lure to trick victims into opening phishing emails.

2023-02-06 17:01   ESXiArgs Ransomware: Knocking Out Unpatched VMware ESXi Linux Servers Worldwide    #blackberry #threat-intelligence A new ransomware, ESXiArgs ransomware, is targeting unpatched VMware ESXi servers connected to the Internet. The attackers utilize a two-year-old unauthenticated RCE exploit, CVE-2021-21974, to cause a heap overflow in the OpenSLP service.

2023-01-20 00:00   Gamaredon (Ab)uses Telegram to Target Ukrainian Organizations    #blackberry #threat-intelligence The Gamaredon Group has been actively targeting the Ukrainian government lately, relying on the infrastructure of the popular messaging service Telegram to bypass traditional network traffic detection techniques without raising obvious flags. This new report from BlackBerry provides an analysis.

2022-12-22 00:30   Arkei Infostealer: Defeated in Milliseconds by a 2015 BlackBerry Solution    #blackberry #threat-intelligence Watch how CylancePROTECT, the BlackBerry Endpoint Protection Platform (EPP) solution, can protect your network from Arkei Infostealer in this overview of what Arkei Infostealer is and how it works.

2022-12-16 17:01   Emotet Returns With New Methods of Evasion    #blackberry #threat-intelligence Since its inception, Trojan behemoth Emotet has continued to steadily evolve, adding new techniques for evasion over time. The newest wave of Emotet’s spam campaigns has a new method for tricking users into allowing macros. In this blog, we’ll analyze how Emotet has achieved this.

2022-12-08 17:01   BlackByte Ransomware Takes an Extra Bite Using Double Extortion Methods    #blackberry #threat-intelligence With the Grim Reaper as a mascot, a custom exfiltration tool to steal victim data, and utilization of the increasingly popular ‘double extortion’ method of deploying ransomware, it’s time to take a closer look at the threat posed by BlackByte.

2022-12-06 17:01   Mustang Panda Uses the Russian-Ukrainian War to Attack Europe and Asia Pacific Targets    #blackberry #threat-intelligence APT group Mustang Panda now appears to have Europe and Asia Pacific targets in its sights. The BlackBerry Research and Intelligence team recently unearthed evidence that the group may be using global interest in the Russian-Ukraine war to deliver PlugX malware via phishing lure to unsuspecting users

2022-11-28 21:00   WhisperGate Wiper: Watch This Threat Get Silenced by BlackBerry (Video)    #blackberry #threat-intelligence At first glance WhisperGate Wiper appears to be a typical ransomware. However, its purpose isn't financial gain, but data corruption and operational disruption. Watch as WhisperGate tries to infect a system running CylanceOPTICS® and CylancePROTECT®.

2022-11-21 17:01   Gamaredon Leverages Microsoft Office Docs to Target Ukraine Government    #blackberry #threat-intelligence The Gamaredon group, an anagram of "armageddon", continues their campaign of targeting military and government organizations in Ukraine. In this blog, we’ll examine how Gamaredon uses remote template injection inside Microsoft Office documents to compromise systems.

2022-11-16 17:01   ARCrypter Ransomware Expands its Operations From Latin America to the World    #blackberry #threat-intelligence Between Aug. and Oct. 2022, Chile's government computer systems and Invima, The Colombia National Food and Drug Surveillance Institute, were attacked by a previously unseen ransomware variant. Based on the unique strings identified during our threat hunting efforts, BlackBerry has named this unknown

2022-11-15 05:30   Contextual Threat Intelligence: How CISOs Can Level Up Their Cyber Defenses    #blackberry #threat-intelligence The BlackBerry® CTI service provides subscribers with tailored threat intelligence along with actionable insights and recommendations to bolster the cyber resilience of an organization, regardless of its size.

2022-11-03 16:01   ChromeLoader Infects the Browser by Loading Malicious Extension    #blackberry #threat-intelligence Have you ever considered downloading a malicious extension for Google Chrome? If your machine is infected with ChromeLoader, you might not have a choice.

2022-11-03 02:30   RomCom Threat Actor Abuses KeePass and SolarWinds to Target Ukraine and Potentially the United Kingdom    #blackberry #threat-intelligence The threat actor known as RomCom is actively deploying new campaigns aimed at victims in Ukraine and English-speaking regions. The BlackBerry Threat Research and Intelligence Team discovered new campaigns that spoof popular brand-name software packages. The United Kingdom is possibly a new target, w

2022-10-23 23:30   Unattributed RomCom Threat Actor Spoofing Popular Apps Now Hits Ukrainian Militaries    #blackberry #threat-intelligence Threat actor RomCom RAT is now targeting Ukrainian military institutions. Known to deploy spoofed versions of popular software Advanced IP Scanner, once exposed, RomCom RAT switched to PDF Filler, another popular application, which indicates the group behind it is actively developing new capabilitie

2022-10-13 16:01   BianLian Ransomware Encrypts Files in the Blink of an Eye    #blackberry #threat-intelligence BianLian is a financially motivated threat actor that targets a wide range of industries. It uses the exotic programming language “Go” to encrypt files with unusual speed.