Application security, Security
September 29, 2023
Via: TechRadarThe company behind the now-famous (for all the wrong reasons) MOVEit managed file transfer software has warned its clients that a different product – WS_FTP Server, also carries a couple of high-severity flaws that can be exploited in malware hacks. […]
September 27, 2023
Via: TechRadarCybersecurity researchers Cyble have recently uncovered a new malware strain for Windows, capable of stealing sensitive data from infected devices. # The malware is called Exela, and apparently, it’s using Discord to deliver the stolen information to its operators. The […]
September 26, 2023
Via: TechRadarA concerning amount of companies are pretty woeful in reporting the cyberattacks and breaches they suffer, both internally and externally. Research conducted by Keeper Security found that nearly half (48%) of the IT and security leaders it surveyed that have […]
September 26, 2023
Via: Security AffairsResearchers from ThreatFabric uncovered a new campaign spreading Xenomorph malware to Android users in the United States and all over the world. In February 2022, researchers from ThreatFabric first spotted the Xenomorph malware, which was distributed via the official Google […]
Threats & Malware, Virus & Malware
September 25, 2023
Via: TechRadarAir Canada has suffered a cyberattack in which some employee information was accessed. The news was confirmed by the airline itself, via a press release published on the company’s website, where a statement revealed, “an unauthorized group briefly obtained limited […]
Threats & Malware, Virus & Malware
September 8, 2023
Via: The Hacker NewsA new malvertising campaign has been observed distributing an updated version of a macOS stealer malware called Atomic Stealer (or AMOS), indicating that it’s being actively maintained by its author. An off-the-shelf Golang malware available for $1,000 per month, Atomic […]
September 8, 2023
Via: The Hacker NewsMicrosoft Internet Information Services (IIS) is a web server software package designed for Windows Server. Organizations commonly use Microsoft IIS servers to host websites, files, and other content on the web. Threat actors increasingly target these Internet-facing resources as low-hanging […]
Threats & Malware, Virus & Malware
September 5, 2023
Via: The Hacker NewsThe North Korean threat actor known as Andariel has been observed employing an arsenal of malicious tools in its cyber assaults against corporations and organizations in the southern counterpart. “One characteristic of the attacks identified in 2023 is that there […]
Threats & Malware, Virus & Malware
September 5, 2023
Via: The Hacker NewsBanking and logistics industries are under the onslaught of a reworked variant of a malware called Chaes. “It has undergone major overhauls: from being rewritten entirely in Python, which resulted in lower detection rates by traditional defense systems, to a […]
Threats & Malware, Virus & Malware
August 31, 2023
Via: The Hacker NewsHow often do cyberattacks happen? How frequently do threat actors target businesses and governments around the world? The BlackBerry® Threat Research and Intelligence Team recently analyzed 90 days of real-world data to answer these questions. Full results are in the […]
August 31, 2023
Via: Dark ReadingCybercriminals are mining the capabilities of an open source infostealer called “SapphireStealer,” developing a legion of variants that are helping to democratize the cybercrime landscape when it comes to carrying out data-theft attacks. Ever since a Russian-language hacker named Roman […]
Threats & Malware, Vulnerabilities
August 29, 2023
Via: The Hacker NewsUnpatched Citrix NetScaler systems exposed to the internet are being targeted by unknown threat actors in what’s suspected to be a ransomware attack. Cybersecurity company Sophos is tracking the activity cluster under the moniker STAC4663. Attack chains involve the exploitation […]
August 29, 2023
Via: The Hacker NewsA suspected Chinese-nexus hacking group exploited a recently disclosed zero-day flaw in Barracuda Networks Email Security Gateway (ESG) appliances to breach government, military, defense and aerospace, high-tech industry, and telecom sectors as part of a global espionage campaign. Mandiant, which […]
August 25, 2023
Via: The Hacker NewsThe U.S. Federal Bureau of Investigation (FBI) is warning that Barracuda Networks Email Security Gateway (ESG) appliances patched against a recently disclosed critical flaw continue to be at risk of potential compromise from suspected Chinese hacking groups. It also deemed […]
Threats & Malware, Virus & Malware
August 24, 2023
Via: The Hacker NewsThe SmokeLoader malware is being used to deliver a new Wi-Fi scanning malware strain called Whiffy Recon on compromised Windows machines. “The new malware strain has only one operation. Every 60 seconds it triangulates the infected systems’ positions by scanning […]
Threats & Malware, Vulnerabilities
August 23, 2023
Via: The Hacker NewsDevelopers are not the only people who have adopted the agile methodology for their development processes. From 2023-06-15 to 2023-07-11, Permiso Security’s p0 Labs team identified and tracked an attacker developing and deploying eight (8) incremental iterations of their credential […]
Threats & Malware, Virus & Malware
August 23, 2023
Via: The Hacker NewsA malicious toolset dubbed Spacecolon is being deployed as part of an ongoing campaign to spread variants of the Scarab ransomware across victim organizations globally. “It probably finds its way into victim organizations by its operators compromising vulnerable web servers […]
August 23, 2023
Via: The Hacker NewsA Syrian threat actor named EVLF has been outed as the creator of malware families CypherRAT and CraxsRAT. “These RATs are designed to allow an attacker to remotely perform real-time actions and control the victim device’s camera, location, and microphone,” […]
August 22, 2023
Via: The Hacker NewsA previously undocumented threat cluster has been linked to a software supply chain attack targeting organizations primarily located in Hong Kong and other regions in Asia. The Symantec Threat Hunter Team, part of Broadcom, is tracking the activity under its […]
Threats & Malware, Virus & Malware
August 22, 2023
Via: The Hacker NewsA new variant of an Apple macOS malware called XLoader has surfaced in the wild, masquerading its malicious features under the guise of an office productivity app called “OfficeNote.” “The new version of XLoader is bundled inside a standard Apple […]