Locked Dorr Security

Latest Malware

  • North Korea Attacks South Koreans With Ransomware – Dark Reading
    August 14, 2025
    DPRK hackers are throwing every kind of malware at the wall and seeing what sticks, deploying stealers, backdoors, and ransomware all at once.
  • New Cyber Threat Curly COMrades Deploys MucorAgent on Eastern Europe – WebProNews
    August 13, 2025
    Emerging Threat Actors in Cyberspace. In the shadowy realm of cyber espionage, a new group dubbed Curly COMrades has emerged as a formidable …
  • Beware: This Dangerous Malware Pretends to Be a Phone Antivirus – Android Headlines
    August 13, 2025
    A new LunaSpy spyware has been lurking around since at least February 2025. It pretends to be Android antivirus to steal all your data.
  • Russian "LameHug" malware uses GenAI to automate attacks – Lexology
    August 13, 2025
    In analysis heralded as the first of its kind, Ukrainian authorities have published a report into malware that employed an AI Large Language …
  • Croatian research institute confirms ransomware attack via ToolShell vulnerabilities
    August 13, 2025
    The Ruđer Bošković Institute is one of 9000+ institutions worldwide attacked with ransomware via the SharePoint "ToolShell" vulnerabilities.
  • Fortinet warns of FortiSIEM pre-auth RCE flaw with exploit in the wild – Bleeping Computer
    August 13, 2025
    Fortinet is warning about a remote unauthenticated command injection flaw in FortiSIEM that has in-the-wild exploit code, making it critical for …
  • New Brute-Force Campaign Hits Fortinet SSL VPN in Coordinated Attack – Hackread
    August 13, 2025
    A surge in brute-force attacks on Fortinet products could signal a new vulnerability. A timeline shows a strong link between attack spikes and …
  • New downgrade attack can bypass FIDO auth in Microsoft Entra ID – Bleeping Computer
    August 13, 2025
    Security researchers have created a new FIDO downgrade attack against Microsoft Entra ID that tricks users into authenticating with weaker login …
  • New 'Curly COMrades' APT Hackers Attacking Targeting Critical Organizations in Countries
    August 13, 2025
    A sophisticated new threat actor group dubbed “Curly COMrades” has emerged as a significant cybersecurity concern, conducting targeted espionage …
  • Fake TradingView Ads Offer "Free Premium"—and Deliver Malware Instead
    August 13, 2025
    Scam ads posing as TradingView promotions are circulating on Facebook, luring users with promises of free premium subscriptions and cryptocurrency …
  • OpenAI adds new GPT-5 models, restores o3, o4-mini and it's a mess all over again
    August 13, 2025
    One of the few things many disliked about ChatGPT was the confusing number of models. OpenAI claimed GPT-5 would fix this, but it seems to have …
  • Fake Minecraft Installer Spreads NjRat Spyware to Steal Data – Hackread
    August 13, 2025
    Point Wild's Lat61 Threat Intelligence Team has uncovered a new cyber threat targeting fans of the popular game Minecraft. Malware disguised as a …
  • Docker could still be hosting a whole load of potentially malicious images – putting users at risk
    August 13, 2025
    At least 35 Linux images hosted on Docker Hub contain dangerous backdoor malware, which could put software developers and their products at risk …
  • New PS1Bot Malware Campaign Uses Malvertising to Deploy Multi-Stage In-Memory Attacks
    August 13, 2025
    Furthermore, the activity cluster has been identified as overlapping with previous ransomware-related campaigns utilizing a malware named Skitnet (aka …
  • Infostealers: Can't stop, Won't Stop | SecurityInfoWatch
    August 13, 2025
    … malware developer behind the Hellcat ransomware is now offering a new server-side infostealer. Until now, infostealers have been client-side …
  • Ankura CTIX FLASH Update – August 12, 2025 – Fin Tech – United States – Mondaq
    August 13, 2025
    Malware Activity … GreedyBear is a group that has stolen over $1 million in cryptocurrency through malicious browser extensions and fake websites.
  • New MucorAgent malware leveraged in Eastern Europe-targeted campaign | SC Media
    August 13, 2025
    Hackread reports that attacks with the novel MucorAgent backdoor have been deployed by Russia-linked threat operation Curly COMrades against …
  • Microsoft's latest major patch fixes a serious zero-day flaw, and a host of other issues – so update now
    August 13, 2025
    Microsoft has released its August 2025 Patch Tuesday package, a cumulative set of updates addressing more than 100 vulnerabilities across a host …
  • Kaspersky: Gaming threats seep into APAC – ET CISO
    August 13, 2025
    Kaspersky reports a massive leak of gaming credentials. Eleven million accounts were compromised in 2024. Steam accounts suffered the most, …
  • New Windows 0-Click NTLM Credential Leakage Vulnerability Bypasses Microsoft's Patch
    August 13, 2025
    A critical zero-click NTLM credential leakage vulnerability that circumvents Microsoft's recent patch for CVE-2025-24054.