Palo Alto Networks' Unit 42 threat intelligence team has unveiled a comprehensive new methodology for attributing cyber attacks to specific threat actors, addressing long-standing challenges in the cybersecurity industry where attribution has been "more art than science."
The Unit 42 Attribution Framework establishes a systematic...
Cybersecurity researchers at AhnLab Security Intelligence Center (ASEC) have identified a sophisticated campaign targeting poorly secured Linux servers through SSH brute force attacks, deploying a Python-based DDoS botnet called SVF Bot that leverages Discord as its command-and-control infrastructure.
Discord-Powered Botnet Architecture
The SVF Botnet represents a...
Cybersecurity researchers have uncovered a sophisticated new attack campaign where threat actors are weaponizing Scalable Vector Graphics (SVG) files to deliver malicious JavaScript payloads and redirect unsuspecting users to attacker-controlled infrastructure.
This emerging technique exploits the trusted nature of image files to bypass traditional...
Socket's Threat Research Team has uncovered a significant supply chain security incident involving protestware that has spread across at least 28 new npm packages with nearly 2,000 versions.
The malicious code targets Russian-language users visiting Russian or Belarusian websites, disabling UI interactions and playing...
In recent weeks, U.S. water treatment facilities and other critical infrastructure have come under sustained digital assault attributed to Iranian-linked cyber units.
Security researchers have uncovered evidence that Intelligence Group 13, an advanced persistent threat cell operating within the IRGC’s Shahid Kaveh Cyber Group,...
The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) today sanctioned Song Kum Hyok, a North Korean cyber actor linked to the Democratic People's Republic of Korea (DPRK) Reconnaissance General Bureau's hacking group Andariel, along with a Russia-based network of individuals and entities...