The source code and builder for Russian ransomware strain Zeppelin have been sold for $500, which could potentially mark the revival of a ransomware-as-a-service (RaaS) featuring Zeppelin. Experts had previously regarded Zeppelin as non-operational and defunct. Israeli cybersecurity firm KELA found the sale on the RAMP Russian cybercrime forum. The code seems to be a corrected version of Zeppelin which once made numerous attacks on critical infrastructure sectors in the US.
Black Basta-like Microsoft Teams phishing leads to novel backdoor
A phishing campaign exploiting Microsoft Teams has been discovered deploying a unique PowerShell backdoor. Cybersecurity firm ReliaQuest identified an attack technique previously unseen in the
