Quotidien Shaarli

End of June 2021, Qrator Labs started to see signs of a new assaulting force on the Internet – a botnet of a new kind. That is a joint research we conducted together with Yandex to elaborate on the specifics of the DDoS attacks enabler emerging in almost real-time.

Observing the ongoing conflict between Russia and Ukraine, we can clearly see that cyberattacks leveraging malware are an important part of modern hybrid war strategy.

A new wave of phishing is currently circulating (a related story from derstandard.at newspaper can be found here). Documents are said to have been sent to you from a scanner, which you can allegedly download, as can be seen in the following image

• TA558 is a likely financially motivated small crime threat actor targeting hospitality, hotel, and travel organizations.
• Since 2018, this group has used consistent tactics, techniques, and procedures to attempt to install a variety of malware including Loda RAT, Vjw0rm, and Revenge RAT.
• TA558’s targeting focus is mainly on Portuguese and Spanish speakers, typically located in the Latin America region, with additional targeting observed in Western Europe and North America.
• TA558 increased operational tempo in 2022 to a higher average than previously observed.
• Like other threat actors in 2022, TA558 pivoted away from using macro-enabled documents in campaigns and adopted new tactics, techniques, and procedures.

Killnet makes three announcements The past month seemed to be a turning point for the pro-Russian hacktivist group “Killnet”—and it was very eager to tell the world about it.  First, on July 27, “Killmilk”—the founder and the head of the group who led its transformation from a DDoS-for-hire outlet i