Malware & Threats

Threat Actors Quick to Abuse ‘SSH-Snake’ Worm-Like Tool

2024-02-22 at 18:01. By Ionut Arghire. Threat actors are actively deploying the recently released self-replicating and self-propagating SSH-Snake worm. The post appeared first on SecurityWeek. This article is an excerpt from the SecurityWeek RSS feed.

ConnectWise Confirms ScreenConnect Flaw Under Active Exploitation

2024-02-21 at 19:16. By Ryan Naraine. Security experts describe exploitation of the CVSS 10/10 flaw as “trivial and embarrassingly easy.” The post appeared first on SecurityWeek.

Diversifying Defenses: FjordPhantom Malware Shows Importance of a Multi-Pronged Approach

2024-02-21 at 16:46. By Joshua Goldfarb. Security teams need to combine the angles of client-side and server-side detection in order to have the best chance of mitigating the risk of advanced mobile malware.

Redis Servers Targeted With New ‘Migo’ Malware

2024-02-21 at 14:47. By Ionut Arghire. Attackers weaken Redis instances to deploy the new Migo malware and install a rootkit and cryptominers. The post appeared first on SecurityWeek.

ConnectWise Rushes to Patch Critical Vulns in Remote Access Tool

2024-02-20 at 19:31. By Ryan Naraine. ConnectWise ships patches for extremely critical security defects in its ScreenConnect remote desktop access product and urges emergency patching. The post appeared first on SecurityWeek.

Anatsa Android Banking Trojan Continues to Spread via Google Play

2024-02-20 at 14:16. By Ionut Arghire. Recent Anatsa Android banking trojan attacks have become more targeted, showing an evolution in tactics. The post appeared first on SecurityWeek.

Ukrainian Raccoon Infostealer Operator Extradited to US

2024-02-19 at 17:17. By Ionut Arghire. Alleged Raccoon Infostealer operator Mark Sokolovsky is awaiting trial in the US, after being extradited from the Netherlands. The post appeared first on SecurityWeek.

iOS Trojan Collects Face and Other Data for Bank Account Hacking 

2024-02-19 at 12:46. By Eduard Kovacs. Chinese hackers use Android and iOS trojans to obtain information needed to steal money from victims’ bank accounts. The post appeared first on SecurityWeek.

Ukrainian Pleads Guilty in US to Key Role in Zeus, IcedID Malware Operations

2024-02-16 at 12:31. By Eduard Kovacs. Ukrainian national Vyacheslav Igorevich Penchukov has pleaded guilty to holding key roles in the Zeus and IcedID malware operations.

FBI Dismantles Ubiquiti Router Botnet Controlled by Russian Cyberspies

2024-02-15 at 21:46. By Ryan Naraine. The US government says it has neutralized a network of hundreds of Ubiquiti Edge OS routers under the control of Russia’s APT28 hackers. The post appeared first on SecurityWeek.

Microsoft Catches APTs Using ChatGPT for Vuln Research, Malware Scripting

2024-02-14 at 22:02. By Ryan Naraine. Microsoft threat hunters say foreign APTs are interacting with OpenAI’s ChatGPT to automate malicious vulnerability research, target reconnaissance and malware creation tasks. The post appeared first on SecurityWeek.

Windows Zero-Day Exploited in Attacks on Financial Market Traders

2024-02-14 at 14:17. By Eduard Kovacs. CVE-2024-21412, one of the security bypass zero-days fixed by Microsoft with Patch Tuesday updates, exploited by Water Hydra (DarkCasino). The post appeared first on SecurityWeek.

Microsoft Confirms Windows Exploits Bypassing Security Features

2024-02-13 at 22:01. By Ryan Naraine. Patch Tuesday: Microsoft pushes a massive batch of security-themed updates and calls urgent attention to exploits bypassing security features. The post appeared first on SecurityWeek.

Ivanti Vulnerability Exploited to Deliver New ‘DSLog’ Backdoor

2024-02-13 at 15:31. By Ionut Arghire. Backdoor deployed using recent Ivanti VPN vulnerability enables command execution, web request and system log theft. The post appeared first on SecurityWeek.

Hunter-Killer Malware Tactic Growing: Stealthy, Persistent and Aggressive

2024-02-13 at 07:31. By Kevin Townsend. A malware tactic dubbed ‘hunter-killer’ is growing, based on an analysis of more than 600,000 malware samples. This may become the standard approach for advanced attacks. The post appeared first on SecurityWeek.

New macOS Backdoor Linked to Prominent Ransomware Groups

2024-02-09 at 16:47. By Ionut Arghire. Written in Rust, the new RustDoor macOS backdoor appears linked to Black Basta and Alphv/BlackCat ransomware. The post appeared first on SecurityWeek.

CISA: China’s Volt Typhoon Hackers Planning Critical Infrastructure Disruption

2024-02-08 at 01:01. By Ryan Naraine. New CISA alert includes technical mitigations to harden attack surfaces and instructions to hunt for the Chinese government-backed hackers. The post appeared first on SecurityWeek.

US Slaps Sanctions on ‘Dangerous’ Iranian Hackers Linked to Water Utility Hacks 

2024-02-02 at 22:02. By Ryan Naraine. The US government slaps sanctions against six Iranian government officials linked to cyberattacks against Israeli PLC vendor Unitronics. The post appeared first on SecurityWeek.

CISA Sets 48-hour Deadline for Removal of Insecure Ivanti Products

2024-02-01 at 19:01. By Ryan Naraine. In an unprecedented move, CISA is demanding that federal agencies disconnect all instances of Ivanti Connect Secure and Ivanti Policy Secure products within 48 hours.

After Delays, Ivanti Patches Zero-Days and Confirms New Exploit

2024-01-31 at 19:47. By Ryan Naraine. Ivanti documents a brand-new zero-day and belatedly ships patches; Mandiant is reporting “broad exploitation activity.” The post appeared first on SecurityWeek.
