Malware & Threats

Windows Zero-Day Exploited by North Korean Hackers in Rootkit Attack

2024-02-29 at 13:46, by Eduard Kovacs

North Korean group Lazarus exploited AppLocker driver zero-day CVE-2024-21338 for privilege escalation in attacks involving FudModule rootkit. The post Windows Zero-Day Exploited by North Korean Hackers in Rootkit Attack appeared first on SecurityWeek.

Chinese Cyberspies Use New Malware in Ivanti VPN Attacks

2024-02-28 at 14:52, by Ionut Arghire

Chinese threat actors target Ivanti VPN appliances with new malware designed to persist across system upgrades. The post Chinese Cyberspies Use New Malware in Ivanti VPN Attacks appeared first on SecurityWeek.

US Government Urges Cleanup of Routers Infected by Russia’s APT28

2024-02-28 at 14:52, by Ionut Arghire

The US government says Russia’s APT28 group compromised Ubiquiti EdgeRouters to run cyberespionage operations worldwide. The post US Government Urges Cleanup of Routers Infected by Russia’s APT28 appeared first on SecurityWeek.

Black Basta, Bl00dy Ransomware Exploiting Recent ScreenConnect Flaws

2024-02-27 at 18:26, by Ionut Arghire

The Black Basta and Bl00dy ransomware gangs have started exploiting two vulnerabilities in ConnectWise ScreenConnect. The post Black Basta, Bl00dy Ransomware Exploiting Recent ScreenConnect Flaws appeared first on SecurityWeek.

Russian Cyberspies Targeting Cloud Infrastructure via Dormant Accounts

2024-02-26 at 19:17, by Ionut Arghire

US government and allies expose TTPs used by notorious Russian hacking teams and warn of the targeting of dormant cloud accounts. The post Russian Cyberspies Targeting Cloud Infrastructure via Dormant Accounts appeared first on SecurityWeek.

‘SlashAndGrab’ ScreenConnect Vulnerability Widely Exploited for Malware Delivery

2024-02-23 at 14:31, by Eduard Kovacs

ConnectWise ScreenConnect vulnerability tracked as CVE-2024-1709 and SlashAndGrab exploited to deliver ransomware and other malware. The post ‘SlashAndGrab’ ScreenConnect Vulnerability Widely Exploited for Malware Delivery appeared first on SecurityWeek.

Russian Turla Cyberspies Target Polish NGOs With New Backdoor

2024-02-22 at 18:01, by Ionut Arghire

Russian state-sponsored threat actor Turla has been using a new backdoor in recent attacks targeting Polish NGOs. The post Russian Turla Cyberspies Target Polish NGOs With New Backdoor appeared first on SecurityWeek.

Threat Actors Quick to Abuse ‘SSH-Snake’ Worm-Like Tool

2024-02-22 at 18:01, by Ionut Arghire

Threat actors are actively deploying the recently released self-replicating and self-propagating SSH-Snake worm. The post Threat Actors Quick to Abuse ‘SSH-Snake’ Worm-Like Tool appeared first on SecurityWeek.

ConnectWise Confirms ScreenConnect Flaw Under Active Exploitation

2024-02-21 at 19:16, by Ryan Naraine

Security experts describe exploitation of the CVSS 10/10 flaw as “trivial and embarrassingly easy.” The post ConnectWise Confirms ScreenConnect Flaw Under Active Exploitation appeared first on SecurityWeek.

Diversifying Defenses: FjordPhantom Malware Shows Importance of a Multi-Pronged Approach

2024-02-21 at 16:46, by Joshua Goldfarb

Security teams need to combine the angles of client-side and server-side detection in order to have the best chance of mitigating the risk of advanced mobile malware.

Redis Servers Targeted With New ‘Migo’ Malware

2024-02-21 at 14:47, by Ionut Arghire

Attackers weaken Redis instances to deploy the new Migo malware and install a rootkit and cryptominers. The post Redis Servers Targeted With New ‘Migo’ Malware appeared first on SecurityWeek.

ConnectWise Rushes to Patch Critical Vulns in Remote Access Tool

2024-02-20 at 19:31, by Ryan Naraine

ConnectWise ships patches for extremely critical security defects in its ScreenConnect remote desktop access product and urges emergency patching. The post ConnectWise Rushes to Patch Critical Vulns in Remote Access Tool appeared first on SecurityWeek.

Anatsa Android Banking Trojan Continues to Spread via Google Play

2024-02-20 at 14:16, by Ionut Arghire

Recent Anatsa Android banking trojan attacks have become more targeted, showing an evolution in tactics. The post Anatsa Android Banking Trojan Continues to Spread via Google Play appeared first on SecurityWeek.

Ukrainian Raccoon Infostealer Operator Extradited to US

2024-02-19 at 17:17, by Ionut Arghire

Alleged Raccoon Infostealer operator Mark Sokolovsky is awaiting trial in the US, after being extradited from the Netherlands. The post Ukrainian Raccoon Infostealer Operator Extradited to US appeared first on SecurityWeek.

iOS Trojan Collects Face and Other Data for Bank Account Hacking 

2024-02-19 at 12:46, by Eduard Kovacs

Chinese hackers use Android and iOS trojans to obtain information needed to steal money from victims’ bank accounts. The post iOS Trojan Collects Face and Other Data for Bank Account Hacking appeared first on SecurityWeek.

Ukrainian Pleads Guilty in US to Key Role in Zeus, IcedID Malware Operations

2024-02-16 at 12:31, by Eduard Kovacs

Ukrainian national Vyacheslav Igorevich Penchukov has pleaded guilty to holding key roles in the Zeus and IcedID malware operations.

FBI Dismantles Ubiquiti Router Botnet Controlled by Russian Cyberspies

2024-02-15 at 21:46, by Ryan Naraine

The US government says it has neutralized a network of hundreds of Ubiquiti Edge OS routers under the control of Russia’s APT28 hackers. The post FBI Dismantles Ubiquiti Router Botnet Controlled by Russian Cyberspies appeared first on SecurityWeek.

Microsoft Catches APTs Using ChatGPT for Vuln Research, Malware Scripting

2024-02-14 at 22:02, by Ryan Naraine

Microsoft threat hunters say foreign APTs are interacting with OpenAI’s ChatGPT to automate malicious vulnerability research, target reconnaissance and malware creation tasks. The post Microsoft Catches APTs Using ChatGPT for Vuln Research, Malware Scripting appeared first on SecurityWeek.

Windows Zero-Day Exploited in Attacks on Financial Market Traders

2024-02-14 at 14:17, by Eduard Kovacs

CVE-2024-21412, one of the security bypass zero-days fixed by Microsoft with Patch Tuesday updates, exploited by Water Hydra (DarkCasino). The post Windows Zero-Day Exploited in Attacks on Financial Market Traders appeared first on SecurityWeek.

Microsoft Confirms Windows Exploits Bypassing Security Features

2024-02-13 at 22:01, by Ryan Naraine

Patch Tuesday: Microsoft pushes a massive batch of security-themed updates and calls urgent attention to exploits bypassing security features. The post Microsoft Confirms Windows Exploits Bypassing Security Features appeared first on SecurityWeek.
