March 20, 2023
Via: Security WeekAcrobat Sign is a cloud service that allows registered users to sign, send, and track documents in real-time, as well as to send signature requests to anyone. When a signature request is sent, Acrobat Sign automatically generates and sends an […]
March 15, 2023
Via: Help Net SecurityESET researchers have uncovered a compromise of an East Asian data loss prevention (DLP) company. The attackers utilized at least three malware families during the intrusion, compromising both the internal update servers and third-party tools utilized by the company. This […]
March 9, 2023
Via: The RegisterSuspected Chinese cyber criminals have zeroed in on unpatched SonicWall gateways and are infecting the devices with credential-stealing malware that persists through firmware upgrades, according to Mandiant. The spyware targets the SonicWall Secure Mobile Access (SMA) 100 Series – a […]
March 2, 2023
Via: Tech RadarBot malware, where incidents automated malicious code capable of exfiltrating entire user profiles from target endpoints, are on the rise, a new report from NordVPN has warned. The company’s research claims that the data of five million people has been […]
February 23, 2023
Via: The Hacker NewsTrojanized versions of legitimate applications are being used to deploy evasive cryptocurrency mining malware on macOS systems. Jamf Threat Labs, which made the discovery, said the XMRig coin miner was executed by means of an unauthorized modification in Final Cut […]
Cyber-crime, Malware, Threats & Malware, Vulnerabilities
February 22, 2023
Via: Help Net SecurityResearchers identified 56 new vulnerabilities associated with ransomware threats among a total of 344 threats identified in 2022 – marking a 19% increase year-over-year. Threat actors are actively searching the internet and deep and dark web for 180 vulnerabilities known […]
February 20, 2023
Via: The Hacker NewsThe cyber espionage threat actor tracked as Earth Kitsune has been observed deploying a new backdoor called WhiskerSpy as part of a social engineering campaign. Earth Kitsune, active since at least 2019, is known to primarily target individuals interested in […]
February 20, 2023
Via: Naked SecurityLate last week [2023-02-16], popular web hosting company GoDaddy filed its compulsory annual 10-K report with the US Securities and Exchange Commission (SEC). Under the sub-heading Operational Risks, GoDaddy revealed that: In December 2022, an unauthorized third party gained access […]
February 15, 2023
Via: The Hacker NewsA new financially motivated campaign that commenced in December 2022 has seen the unidentified threat actor behind it deploying a novel ransomware strain dubbed MortalKombat and a clipper malware known as Laplas. Cisco Talos said it “observed the actor scanning […]
February 10, 2023
Via: Security WeekOn February 1, Fortra alerted GoAnywhere MFT users about a zero-day remote code injection exploit. The vendor immediately provided indicators of compromise (IoCs) and mitigations, but released a patch only a week later. Users, particularly those who are running an […]
February 7, 2023
Via: Security WeekCl0p has been one of the most active ransomware families over the past several years, targeting numerous private and public organizations globally, in sectors such as aerospace, energy, education, finance, high-tech, healthcare, manufacturing, telecoms, and transportation and logistics. In November […]
February 2, 2023
Via: The Hacker NewsAt least 1,200 Redis database servers worldwide have been corralled into a botnet using an “elusive and severe threat” dubbed HeadCrab since early September 2021. “This advanced threat actor utilizes a state-of-the-art, custom-made malware that is undetectable by agentless and […]
February 1, 2023
Via: The Hacker NewsThe Brazilian threat actors behind an advanced and modular point-of-sale (PoS) malware known as Prilex have reared their head once again with new updates that allow it to block contactless payment transactions. Russian cybersecurity firm Kaspersky said it detected three […]
February 1, 2023
Via: Security AffairsLockbit ransomware operators have implemented a new version of their malware, dubbed LockBit Green, which was designed to include cloud-based services among its targets. This is the third version of the ransomware developed by the notorious gang, after the Lockbit […]
January 19, 2023
Via: SecurelistRoaming Mantis (a.k.a Shaoye) is well-known as a long-term cyberattack campaign that uses malicious Android package (APK) files to control infected Android devices and steal device information; it also uses phishing pages to steal user credentials, with a strong financial […]
January 19, 2023
Via: The Hacker NewsThe threat actor behind the BlackRock and ERMAC Android banking trojans has unleashed yet another malware for rent called Hook that introduces new capabilities to access files stored in the devices and create a remote interactive session. ThreatFabric, in a […]
January 17, 2023
Via: The Hacker NewsNew research has found that it is possible for threat actors to abuse a legitimate feature in GitHub Codespaces to deliver malware to victim systems. GitHub Codespaces is a cloud-based configurable development environment that allows users to debug, maintain, and […]
January 17, 2023
Via: CSO OnlineAttackers could start abusing GitHub Codespaces, a new service that allows developers to create and test applications inside development containers running on GitHub’s servers. Developers can make their applications accessible via public GitHub URLs for preview by others, a functionality […]
January 13, 2023
Via: The Hacker NewsA recent IcedID malware attack enabled the threat actor to compromise the Active Directory domain of an unnamed target less than 24 hours after gaining initial access, while also borrowing techniques from other groups like Conti to meet its goals. […]
January 13, 2023
Via: The Hacker NewsRemote access trojans such as StrRAT and Ratty are being distributed as a combination of polyglot and malicious Java archive (JAR) files, once again highlighting how threat actors are continuously finding new ways to fly under the radar. “Attackers now […]