New malware loader Bumblebee adopted by known ransomware access brokers

Read Time:35 Second

Several threat groups believed to be initial access facilitators for some ransomware gangs are transitioning to a new first-stage malware downloader dubbed Bumblebee. The groups previously used other downloaders like BazaLoader and IcedID.

According to researchers from security firm Proofpoint, Bumblebee email-based distribution campaigns started in March and were linked back to at least three known attack groups. The malware is used to deploy known penetration testing implants such as Cobalt Strike, Sliver and Meterpreter. Attackers have adopted these attack frameworks and other open-source dual-use tools in recent years to engage in hands-on manual hacking and lateral movement through victim networks.

To read this article in full, please click here

ISACA Highlights Critical Lack of Quantum Threat Mitigation Strategies

FBI Asks for Help Tracking Chinese Salt Typhoon Actors

Government Set to Ban SIM Farms in European First

Friday Squid Blogging: Squid Facts on Your Phone

Law Enforcement Crackdowns Drive Novel Ransomware Affiliate Schemes

SAP Fixes Critical Vulnerability After Evidence of Exploitation

M&S Shuts Down Online Orders Amid Ongoing Cyber Incident

Security Experts Flag Chrome Extension Using AI Engine to Act Without User Input

Cryptocurrency Thefts Get Physical