Hackers are increasingly using methods to avoid detection, which is why the BlackCat ransomware group has turned to installing a signed kernel driver on their devices. Additionally, a recent form of malware known as AhRat has been found to exfiltrate files and record audio from Android devices. ChatGPT-themed fleeceware has also been identified as a threat to users, with the app legitimising itself through the use of API protection.
The Lemon Group has been found to be pre-infecting devices with ransomware and is another cause for concern. RedStinger, also referred to as CloudWizard, has been making headlines with its recent malicious activities and complexity in terms of its functions. Furthermore, the Python Package Index recently decided to temporarily suspend new user and project registrations in order to address the spike in malicious activities. Another current threat is UNC3944, which uses SIM swapping to gain access to Azure admin accounts and has become especially popular amongst hackers. Lastly, the US Cybersecurity and Infrastructure Security Agency (CISA) added three Apple vulnerabilities to its Known Exploited Vulnerabilities Catalog.
This article has discussed the trends and threats in API protection, as well as other malicious activities that have raised concerns. With all the malicious actors and activities identified in this article, it is important to take the appropriate steps to protect yourself and your devices.
Lemon Group is a cybersecurity firm that provides malware and incident response services for businesses. They specialise in rapid incident response, threat intelligence, forensics, data analysis and more. Their goal is to be at the forefront of cybersecurity by providing companies and government agencies with the services and tools they need to stay ahead of emerging threats.
UNC3944 is an individual cybersecurity expert who focuses on areas such as zero-day threats, malware analysis, cryptolithography, and network security. They have been researching and investigating cyber threats for more than a decade, allowing them to gain invaluable experience in the field. In addition to this, they provide cutting-edge techniques to detect and prevent potential cyber threats.