GoldenBall — GoldenSpy V2.0

Trustwave researchers recently identified a backdoor in the Golden Tax software “Aisino”. There is another Golden Tax software, “Baiwang”, which also delivers malicious payloads. Golden Tax Invoicing System (金税开票系统): there are two official providers of invoicing systems in China for the government, Aisino (航天) and Baiwang (百望). All businesses must issue VAT invoices through the Golden Tax…

Lazarus group leverages Covid themed HWP Document

Lazarus Group, a North Korean nation-state sponsored threat actor, serves as an umbrella for several subgroups and has run extensive operations since as early as 2009. Lazarus is a financially motivated North Korean regime-backed group responsible for conducting destructive attacks against financial institutions, as well as some of the world’s largest cyber heists. Based on widely publicized…

Revive of Crimson RAT

Crimson RAT was previously used by the Pakistani threat actors Transparent Tribe. CrowdStrike has been tracking the threat actor under the name MYTHIC LEOPARD since 2016. According to the blog, MYTHIC LEOPARD is a Pakistan-based adversary with operations likely located in Karachi. This adversary uses social engineering and spear phishing to target Indian military and defense entities with Crimson RAT. FireEye tracks similar threat…

Maze Ransomware Victim’s data revealed

Various successful ransomware attacks have been observed recently, of which Maze Ransomware tops the list. The threat actors behind Maze Ransomware are attributed as TA2101 by Proofpoint and APT-29 by Talosintelligence. The Maze team is publicly exposing victims by displaying real files exfiltrated from their hacked servers. The threat actors are supposed to have registered the domain mazenews[.]top to release the exfiltrated data. Recent…