all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Qakbot-affiliated actors distribute Ransom Night malware despite infrastructure takedown

Add to bookmarks
Oct. 5, 2023, 11 a.m. | Guilherme Venere

Cisco Talos Intelligence Group - Comprehensive Threat Intelligence blog.talosintelligence.com

The threat actors behind the Qakbot malware have been conducting a campaign since early August 2023 in which they have been distributing Ransom Knight ransomware and the Remcos backdoor via phishing emails.

august backdoor campaign emails infrastructure malware phishing phishing emails qakbot qakbot malware ransom ransomware remcos securex takedown threat threat actors

Visit resource

More from blog.talosintelligence.com / Cisco Talos Intelligence Group - Comprehensive Threat Intelligence

The private sector probably isn’t coming to save the NVD 2 days, 2 hours ago | blog.talosintelligence.com
arcanedoor coming cybercrime isn +9
Talos IR trends: BEC attacks surge, while weaknesses in MFA persist 2 days, 8 hours ago | blog.talosintelligence.com
adversaries attacks bec bec attacks +17
ArcaneDoor - New espionage-focused campaign found targeting perimeter network devices 3 days, 4 hours ago | blog.talosintelligence.com
apt campaign campaigns devices +15
Suspected CoralRaider continues to expand victimology using three information stealers 4 days, 8 hours ago | blog.talosintelligence.com
apt argument bypass command +17
What’s the deal with the massive backlog of vulnerabilities at the NVD? 1 week, 1 day ago | blog.talosintelligence.com
backlog current deal management +10
Could the Brazilian Supreme Court finally hold people accountable for sharing disinformation? 1 week, 2 days ago | blog.talosintelligence.com
account blocked court disinformation +8
OfflRouter virus causes Ukrainian users to upload confidential documents to VirusTotal 1 week, 3 days ago | blog.talosintelligence.com
cisco cisco talos code confidential +20
Large-scale brute-force activity targeting VPNs, SSH services with commonly used login credentials 1 week, 4 days ago | blog.talosintelligence.com
attacks brute brute-force cisco +24
The internet is already scary enough without April Fool’s jokes 2 weeks, 2 days ago | blog.talosintelligence.com
april backdoor community internet +7

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Senior Security Researcher, SIEM

@ Huntress | Remote Canada
View on infosec-jobs.com

Senior Application Security Engineer

@ Revinate | San Francisco Bay Area
View on infosec-jobs.com

Cyber Security Manager

@ American Express Global Business Travel | United States - New York - Virtual Location
View on infosec-jobs.com

Incident Responder Intern

@ Bentley Systems | Remote, PA, US
View on infosec-jobs.com

SC2024-003533 Senior Online Vulnerability Assessment Analyst (CTS) - THU 9 May

@ EMW, Inc. | Mons, Wallonia, Belgium
View on infosec-jobs.com
View more jobs