Void Rabisu, an intrusion set associated with ransomware attacks and campaigns against Ukraine and its supporters, has primarily targeted government and military entities, using tactics common to both cybercriminals and nation-state-sponsored actors. The group's primary tool is the ROMCOM backdoor. Void Rabisu exploited a zero-day vulnerability, CVE-2023-36884, in two separate campaigns, one of which specifically targeted attendees of the 2023 Women Political Leaders Summit (WPL) in Brussels.
News alert: Hybrid Analysis adds Criminal IP’s real-time domain scans, boosts malware detection – Security Boulevard
Security Boulevard reports that Hybrid Analysis has enhanced its malware detection capabilities by integrating Criminal IP’s real-time domain scans. This addition is expected to