Alerts | Guyana National CIRT

AL2023_40 Researchers Uncover Powerful Backdoor and Custom Implant in Year-Long Cyber Campaign (May 15, 2023)

Government, aviation, education, and telecommunication sectors located in South and Southeast Asia came in contact with a new hacking group as part of a highly-targeted campaign that commenced in mid-2022 and continued into the first quarter of 2023.

Read more about AL2023_40 Researchers Uncover Powerful Backdoor and Custom Implant in Year-Long Cyber Campaign (May 15, 2023)

AL2023_39 Stealthier Version of Linux BPFDoor Malware Spotted in the Wild (May 11, 2023)

A new, stealthier variant of the Linux malware known as 'BPFDoor' has been discovered, featuring encryption standards and reverse shell communications.

Read more about AL2023_39 Stealthier Version of Linux BPFDoor Malware Spotted in the Wild (May 11, 2023)

AL2023_38 New identified ransomware group targets companies internationally (May 16, 2023)

Cisco Talos recently discovered a new ransomware group called RA Group that has been actively targeting companies in the United States and South Korea with their new ransomware created from leaked code.

Read more about AL2023_38 New identified ransomware group targets companies internationally (May 16, 2023)

AL2023_37 MichaelKors Ransomware-as-a-Service: A New Cyber Threat on the Rise (May 15, 2023) 

A newly unveiled digital menace known as MichaelKors Ransomware-as-a-Service. This insidious cyber threat has gained notoriety for its ability to empower malevolent actors with a simple and effective means to unleash devastating ransomware attacks. 

Read more about AL2023_37 MichaelKors Ransomware-as-a-Service: A New Cyber Threat on the Rise (May 15, 2023)

AL2023_36 RokRAT malware deployed via LNK file infection (16th May 2023)

The APT37 group ScarCruft adopts a new infection chain technique by using LNK files to deliver their malware, RokRAT.

Read more about AL2023_36 RokRAT malware deployed via LNK file infection (16th May 2023)