Malware & Threats

Suspicious NuGet Package Harvesting Information From Industrial Systems

ICS, ICS malware, Malware, Malware & Threats /

Suspicious NuGet Package Harvesting Information From Industrial Systems 2024-03-26 at 17:01 By Ionut Arghire A suspicious NuGet package likely targets developers working with technology from Chinese firm Bozhon. The post Suspicious NuGet Package Harvesting Information From Industrial Systems appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React […]

React to this headline:

Loading spinner

Suspicious NuGet Package Harvesting Information From Industrial Systems Read More »

Over 100 Organizations Targeted in Recent ‘StrelaStealer’ Attacks

Malware, Malware & Threats /

Over 100 Organizations Targeted in Recent ‘StrelaStealer’ Attacks 2024-03-25 at 16:16 By Ionut Arghire More than 100 organizations in the US and EU have been targeted in recent StrelaStealer infostealer campaigns. The post Over 100 Organizations Targeted in Recent ‘StrelaStealer’ Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

React to this headline:

Loading spinner

Over 100 Organizations Targeted in Recent ‘StrelaStealer’ Attacks Read More »

Top Python Developers Hacked in Sophisticated Supply Chain Attack

Malware & Threats, supply chain /

Top Python Developers Hacked in Sophisticated Supply Chain Attack 2024-03-25 at 14:01 By Ionut Arghire Multiple Python developers get infected after downloading malware-packed clone of the popular tool Colorama. The post Top Python Developers Hacked in Sophisticated Supply Chain Attack appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

React to this headline:

Loading spinner

Top Python Developers Hacked in Sophisticated Supply Chain Attack Read More »

39,000 Websites Infected in ‘Sign1’ Malware Campaign

Malware & Threats, web security /

39,000 Websites Infected in ‘Sign1’ Malware Campaign 2024-03-22 at 16:01 By Ionut Arghire Over 39,000 websites have been infected with the Sign1 malware that redirects visitors to scam domains. The post 39,000 Websites Infected in ‘Sign1’ Malware Campaign appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React

React to this headline:

Loading spinner

39,000 Websites Infected in ‘Sign1’ Malware Campaign Read More »

Recent TeamCity Vulnerability Exploited in Ransomware Attacks

exploited, Malware & Threats, Ransomware, TeamCity /

Recent TeamCity Vulnerability Exploited in Ransomware Attacks 2024-03-11 at 17:46 By Eduard Kovacs Servers impacted by recently patched TeamCity vulnerability CVE-2024-27198 targeted in ransomware attacks and abused for DDoS. The post Recent TeamCity Vulnerability Exploited in Ransomware Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React

React to this headline:

Loading spinner

Recent TeamCity Vulnerability Exploited in Ransomware Attacks Read More »

Magnet Goblin Delivers Linux Malware Using One-Day Vulnerabilities

Linux malware, Malware & Threats /

Magnet Goblin Delivers Linux Malware Using One-Day Vulnerabilities 2024-03-11 at 14:14 By Ionut Arghire The financially motivated threat actor Magnet Goblin is targeting one-day vulnerabilities to deploy Nerbian malware on Linux systems. The post Magnet Goblin Delivers Linux Malware Using One-Day Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

Magnet Goblin Delivers Linux Malware Using One-Day Vulnerabilities Read More »

Microsoft Says Russian Gov Hackers Stole Source Code After Spying on Executive Emails

APT, Incident Response, Malware & Threats, Microsoft, Midnight Blizzard, Nation-State, SolarWinds /

Microsoft Says Russian Gov Hackers Stole Source Code After Spying on Executive Emails 2024-03-08 at 21:34 By Ryan Naraine Microsoft says the Midnight Blizzard APT group may still be poking around its internal network after stealing source code, spying on emails. The post Microsoft Says Russian Gov Hackers Stole Source Code After Spying on Executive

React to this headline:

Loading spinner

Microsoft Says Russian Gov Hackers Stole Source Code After Spying on Executive Emails Read More »

Chinese Cyberspies Target Tibetans via Watering Hole, Supply Chain Attacks

China, espionage, Malware, Malware & Threats, Tibet /

Chinese Cyberspies Target Tibetans via Watering Hole, Supply Chain Attacks 2024-03-08 at 15:02 By Ionut Arghire Chinese APT Evasive Panda compromises a software developer’s supply chain to target Tibetans with malicious downloaders. The post Chinese Cyberspies Target Tibetans via Watering Hole, Supply Chain Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Chinese Cyberspies Target Tibetans via Watering Hole, Supply Chain Attacks Read More »

Critical TeamCity Vulnerability Exploitation Started Immediately After Disclosure

exploited, Featured, Malware & Threats, TeamCity /

Critical TeamCity Vulnerability Exploitation Started Immediately After Disclosure 2024-03-07 at 13:36 By Eduard Kovacs Critical TeamCity authentication bypass vulnerability CVE-2024-27198 exploited in the wild after details were disclosed. The post Critical TeamCity Vulnerability Exploitation Started Immediately After Disclosure appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React

React to this headline:

Loading spinner

Critical TeamCity Vulnerability Exploitation Started Immediately After Disclosure Read More »

Linux Malware Campaign Targets Misconfigured Cloud Servers

Cloud, Linux malware, Malware & Threats /

Linux Malware Campaign Targets Misconfigured Cloud Servers 2024-03-06 at 18:31 By Ionut Arghire A new malware campaign has been observed targeting misconfigured Apache Hadoop, Confluence, Docker, and Redis instances. The post Linux Malware Campaign Targets Misconfigured Cloud Servers appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React

React to this headline:

Loading spinner

Linux Malware Campaign Targets Misconfigured Cloud Servers Read More »

US Sanctions Spyware Company and Executives Who Targeted American Journalists, Government Officials

Malware & Threats, Mobile & Wireless, Tracking & Law Enforcement /

US Sanctions Spyware Company and Executives Who Targeted American Journalists, Government Officials 2024-03-05 at 23:01 By Associated Press The Treasury Department sanctioned individuals associated with Intellexa Consortium, maker of the powerful Predator Spyware. The post US Sanctions Spyware Company and Executives Who Targeted American Journalists, Government Officials appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

US Sanctions Spyware Company and Executives Who Targeted American Journalists, Government Officials Read More »

VMware Patches Critical ESXi Sandbox Escape Flaws

CVE-2024-22252, CVE-2024-22253, ESXi, Malware & Threats, VMWare, Vulnerabilities /

VMware Patches Critical ESXi Sandbox Escape Flaws 2024-03-05 at 21:17 By Ryan Naraine The most serious flaws allow hackers with local admin rights to execute code as the virtual machine’s VMX process running on the host. The post VMware Patches Critical ESXi Sandbox Escape Flaws appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

VMware Patches Critical ESXi Sandbox Escape Flaws Read More »

Remote Stuxnet-Style Attack Possible With Web-Based PLC Malware: Researchers

Featured, ICS, ICS malware, ICS/OT, Malware & Threats, PLC /

Remote Stuxnet-Style Attack Possible With Web-Based PLC Malware: Researchers 2024-03-04 at 14:18 By Eduard Kovacs Researchers demonstrate that remote Stuxnet-style attacks are possible against many modern PLCs using web-based malware. The post Remote Stuxnet-Style Attack Possible With Web-Based PLC Malware: Researchers appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

React to this headline:

Loading spinner

Remote Stuxnet-Style Attack Possible With Web-Based PLC Malware: Researchers Read More »

In Other News: Google Flaw Exploited, 3D Printers Hacked, WhatsApp Gets NSO Spyware

In Other News, Malware & Threats /

In Other News: Google Flaw Exploited, 3D Printers Hacked, WhatsApp Gets NSO Spyware 2024-03-01 at 18:16 By Eduard Kovacs Noteworthy stories that might have slipped under the radar: Unpatched Google vulnerability exploited, 3D printers hacked by white hats, WhatsApp will get NSO spyware.  The post In Other News: Google Flaw Exploited, 3D Printers Hacked, WhatsApp

React to this headline:

Loading spinner

In Other News: Google Flaw Exploited, 3D Printers Hacked, WhatsApp Gets NSO Spyware Read More »

Governments Urge Organizations to Hunt for Ivanti VPN Attacks

Government, Ivanti, Malware & Threats /

Governments Urge Organizations to Hunt for Ivanti VPN Attacks 2024-03-01 at 16:01 By Ionut Arghire Credentials stored on Ivanti VPN appliances impacted by recent vulnerabilities are likely compromised, government agencies say. The post Governments Urge Organizations to Hunt for Ivanti VPN Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

Governments Urge Organizations to Hunt for Ivanti VPN Attacks Read More »

Windows Zero-Day Exploited by North Korean Hackers in Rootkit Attack

CVE-2024-21338, exploited, Featured, Lazarus, Malware & Threats, North Korea, Vulnerabilities, Windows, Zero-Day /

Windows Zero-Day Exploited by North Korean Hackers in Rootkit Attack 2024-02-29 at 13:46 By Eduard Kovacs North Korean group Lazarus exploited AppLocker driver zero-day CVE-2024-21338 for privilege escalation in attacks involving FudModule rootkit. The post Windows Zero-Day Exploited by North Korean Hackers in Rootkit Attack appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Windows Zero-Day Exploited by North Korean Hackers in Rootkit Attack Read More »

US Government Urges Cleanup of Routers Infected by Russia’s APT28

APT28, botnet, Malware & Threats, Nation-State, Russia /

US Government Urges Cleanup of Routers Infected by Russia’s APT28 2024-02-28 at 14:52 By Ionut Arghire The US government says Russia’s APT28 group compromised Ubiquiti EdgeRouters to run cyberespionage operations worldwide. The post US Government Urges Cleanup of Routers Infected by Russia’s APT28 appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

US Government Urges Cleanup of Routers Infected by Russia’s APT28 Read More »

Chinese Cyberspies Use New Malware in Ivanti VPN Attacks

China, espionage, Ivanti, Malware & Threats, Nation-State /

Chinese Cyberspies Use New Malware in Ivanti VPN Attacks 2024-02-28 at 14:52 By Ionut Arghire Chinese threat actors target Ivanti VPN appliances with new malware designed to persist system upgrades. The post Chinese Cyberspies Use New Malware in Ivanti VPN Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

React to this headline:

Loading spinner

Chinese Cyberspies Use New Malware in Ivanti VPN Attacks Read More »

Black Basta, Bl00dy Ransomware Exploiting Recent ScreenConnect Flaws

ConnectWise, Malware & Threats, Ransomware, ScreenConnect /

Black Basta, Bl00dy Ransomware Exploiting Recent ScreenConnect Flaws 2024-02-27 at 18:26 By Ionut Arghire The Black Basta and Bl00dy ransomware gangs have started exploiting two vulnerabilities in ConnectWise ScreenConnect. The post Black Basta, Bl00dy Ransomware Exploiting Recent ScreenConnect Flaws appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

React to this headline:

Loading spinner

Black Basta, Bl00dy Ransomware Exploiting Recent ScreenConnect Flaws Read More »

Russian Cyberspies Targeting Cloud Infrastructure via Dormant Accounts

APT29, CISA, Cozy Bear, Malware & Threats, Midnight Blizzard, Nation-State, Uncategorized /

Russian Cyberspies Targeting Cloud Infrastructure via Dormant Accounts 2024-02-26 at 19:17 By Ionut Arghire US government and allies expose TTPs used by notorious Russian hacking teams and warn of the targeting of dormant cloud accounts. The post Russian Cyberspies Targeting Cloud Infrastructure via Dormant Accounts appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Russian Cyberspies Targeting Cloud Infrastructure via Dormant Accounts Read More »

Scroll to Top