Locked Dorr Security

Latest Malware

  • Watch out – this devious new Android malware clicks on hidden browser ads to put you at risk
    January 22, 2026
    Android trojans use TensorFlow AI to mimic human ad clicks for fraud · Fake apps on GetApps and other platforms spread malware with hidden browsers · At …
  • Linux users targeted: hackers invade Snap packages with crypto-stealing malware
    January 22, 2026
    Using new tactics, the scammers swoop in, register the expired domain, trigger a password reset on the Snap Store account, and gain control of a …
  • New Multi-Stage Windows Malware Disables Microsoft Defender Before Dropping Malicious …
    January 22, 2026
    A multi-stage Windows malware campaign uses business lures and cloud abuse to disable Defender before deploying ransomware.
  • Web skimming attacks target major payment networks – Fox News
    January 22, 2026
    Web skimming is a technique where criminals secretly add malicious code to checkout pages so they can steal payment details as shoppers type them in.
  • New Osiris Ransomware Emerges as New Strain Using POORTRY Driver in BYOVD Attack
    January 22, 2026
    The attack leveraged a malicious driver called POORTRY as part of a known technique referred to as bring your own vulnerable driver (BYOVD) to disarm …
  • Weekly Intelligence Report – 23 January 2026 – CYFIRMA
    January 22, 2026
    The malware's activity is limited to encryption and system modification related to extortion; removal of the ransomware prevents further encryption …
  • Skeleton Key campaign exploits trusted RMM tools – Techzine Global
    January 22, 2026
    KnowBe4 warns of a Skeleton Key campaign in which attackers abuse RMM tools such as GoTo and LogMeIn for backdoor access.
  • Public Container Registry Risks 2026: Malicious Images & Mitigation – Qualys Blog
    January 22, 2026
    Public container registries (Docker Hub, ECR Public) are silent risk multipliers in 2026 — crypto mining, malware, typo-squatting in images.
  • Old Attack, New Speed: Researchers Optimize Page Cache Exploits – SecurityWeek
    January 22, 2026
    A team of researchers has revived Linux page cache attacks, demonstrating that they are not as impractical as previously believed.
  • RealHomes CRM Plugin Flaw Affected 30,000 WordPress Sites – Infosecurity Magazine
    January 22, 2026
    The vulnerability affected RealHomes CRM versions 1.0.0 and earlier and allowed any logged-in user with Subscriber-level access or higher to upload …
  • Mid-Sized Manufacturers Lead Ransomware Spike
    January 22, 2026
    SMBs are attractive targets for ransomware attacks because they often lack security staff and tools, and operate within limited cybersecurity budgets.
  • Dark Web Profile: Anubis Ransomware – SOCRadar
    January 22, 2026
    Anubis ransomware is a Ransomware-as-a-Service (RaaS) group that challenges one of the core assumptions of modern ransomware response…
  • KONNI Adopts AI to Generate PowerShell Backdoors – Check Point Research
    January 22, 2026
    Key Findings: Check Point Research (CPR) is tracking a phishing campaign linked to a North Korea–aligned threat actor known as KONNI. This activity …
  • Skeleton Key attack shows how hackers are bypassing malware defenses using legitimate software
    January 22, 2026
    The credential harvesting stage sees the attackers sending phishing emails disguised as legitimate Greenvelope invitations in an attempt to trick …
  • Hackers turn LinkedIn messages into malware delivery channel – AIM Group
    January 22, 2026
    A recent investigation by The Hacker News details a malware campaign that uses LinkedIn direct messages to distribute a remote access trojan (RAT) …
  • New Wave of Attacks Targeting FortiGate Firewalls – SecurityWeek
    January 22, 2026
    Now, the cybersecurity company says it has observed a new wave of malicious SSO logins on FortiGate appliances …
  • Solo mind behind powerful Linux malware VoidLink | Cybernews
    January 22, 2026
    A solo developer utilizing AI agents and advanced methodology created VoidLink, a highly sophisticated Linux malware framework.
  • We Asked Cybersecurity Experts for Their 2026 Predictions – Tech.co
    January 22, 2026
    This year, the landscape of cybersecurity will never be the same. Experts gave us their prediction, from data surges to AI malware.
  • VoidLink malware was almost entirely made by AI – CSO Online
    January 22, 2026
    Check Point Research says the Linux malware framework was authored largely through AI-driven processes, lowering the barrier to producing complex …
  • The Next Frontier of Runtime Assembly Attacks: Leveraging LLMs to Generate Phishing …
    January 22, 2026
    Suspected Nation-State Threat Actor Uses New Airstalk Malware in a Supply Chain Attack .NET · CL-STA-1009 · Malicious PowerShell scripts · Read now …