Malware & Threats - Security Ticks

3 Malware Loaders Detected in 80% of Attacks: Security Firm

3 Malware Loaders Detected in 80% of Attacks: Security Firm 28/08/2023 at 15:46 By Ionut Arghire QakBot, SocGholish, and Raspberry Robin are the three most popular malware loaders, accounting for 80% of the observed incidents. The post 3 Malware Loaders Detected in 80% of Attacks: Security Firm appeared first on SecurityWeek. This article is an […]

React to this headline:

3 Malware Loaders Detected in 80% of Attacks: Security Firm Read More »

Chinese-backed APT ‘Flax Typhoon’ Hacks Taiwan with Minimal Malware Footprint

China, Flax Typhoon, LOLbins, Malware & Threats, Nation-State, Threat Intelligence / SecurityTicks

Chinese-backed APT ‘Flax Typhoon’ Hacks Taiwan with Minimal Malware Footprint 24/08/2023 at 23:34 By Ryan Naraine Microsoft warns that Chinese spies are hacking into Taiwanese organizations with minimal use of malware and by abusing legitimate software. The post Chinese-backed APT ‘Flax Typhoon’ Hacks Taiwan with Minimal Malware Footprint appeared first on SecurityWeek. This article is

React to this headline:

Chinese-backed APT ‘Flax Typhoon’ Hacks Taiwan with Minimal Malware Footprint Read More »

Mysterious Malware Uses Wi-Fi Scanning to Get Location of Infected Device

Malware, Malware & Threats, Wi-Fi / SecurityTicks

Mysterious Malware Uses Wi-Fi Scanning to Get Location of Infected Device 24/08/2023 at 18:31 By Eduard Kovacs Mysterious Whiffy Recon malware scans for nearby Wi-Fi access points to obtain the location of the infected device. The post Mysterious Malware Uses Wi-Fi Scanning to Get Location of Infected Device appeared first on SecurityWeek. This article is

React to this headline:

Mysterious Malware Uses Wi-Fi Scanning to Get Location of Infected Device Read More »

FBI: Patches for Recent Barracuda ESG Zero-Day Ineffective

Barracuda, exploited, FBI, Malware & Threats / SecurityTicks

FBI: Patches for Recent Barracuda ESG Zero-Day Ineffective 24/08/2023 at 17:06 By Ionut Arghire The FBI says that the patches Barracuda released in May for an exploited ESG zero-day vulnerability (CVE-2023-2868) were not effective. The post FBI: Patches for Recent Barracuda ESG Zero-Day Ineffective appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

FBI: Patches for Recent Barracuda ESG Zero-Day Ineffective Read More »

Traders Targeted by Cybercriminals in Attack Exploiting WinRAR Zero-Day

cybercrime, exploited, Malware & Threats, WinRAR, Zero-Day / SecurityTicks

Traders Targeted by Cybercriminals in Attack Exploiting WinRAR Zero-Day 24/08/2023 at 14:21 By Eduard Kovacs A financially motivated cybercrime group has exploited a WinRAR zero-day to deliver malware to traders and steal their money. The post Traders Targeted by Cybercriminals in Attack Exploiting WinRAR Zero-Day appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Traders Targeted by Cybercriminals in Attack Exploiting WinRAR Zero-Day Read More »

3,000 Openfire Servers Exposed to Attacks Targeting Recent Vulnerability

exploited, Malware & Threats, Openfire, Vulnerabilities / SecurityTicks

3,000 Openfire Servers Exposed to Attacks Targeting Recent Vulnerability 23/08/2023 at 17:19 By Ionut Arghire More than 3,000 Openfire servers are not patched against a recent vulnerability and are exposed to attacks employing a new exploit. The post 3,000 Openfire Servers Exposed to Attacks Targeting Recent Vulnerability appeared first on SecurityWeek. This article is an

React to this headline:

3,000 Openfire Servers Exposed to Attacks Targeting Recent Vulnerability Read More »

New ‘Carderbee’ APT Targeted Chinese Security Software in Supply Chain Attack

China, Malware & Threats, supply chain, Supply Chain Security / SecurityTicks

New ‘Carderbee’ APT Targeted Chinese Security Software in Supply Chain Attack 22/08/2023 at 14:33 By Ionut Arghire A new APT group called Carderbee has been observed deploying the PlugX backdoor via a supply chain attack targeting organizations in Hong Kong. The post New ‘Carderbee’ APT Targeted Chinese Security Software in Supply Chain Attack appeared first

React to this headline:

New ‘Carderbee’ APT Targeted Chinese Security Software in Supply Chain Attack Read More »

CISA Warns of Another Exploited Adobe ColdFusion Vulnerability

ColdFusion, exploited, Featured, Malware & Threats, Vulnerabilities / SecurityTicks

CISA Warns of Another Exploited Adobe ColdFusion Vulnerability 22/08/2023 at 13:47 By Eduard Kovacs CISA warns that CVE-2023-26359, an Adobe ColdFusion vulnerability patched in March, has been exploited in the wild. The post CISA Warns of Another Exploited Adobe ColdFusion Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

React to this headline:

CISA Warns of Another Exploited Adobe ColdFusion Vulnerability Read More »

Ivanti Ships Urgent Patch for API Authentication Bypass Vulnerability

Malware & Threats, Network Security, Vulnerabilities / SecurityTicks

Ivanti Ships Urgent Patch for API Authentication Bypass Vulnerability 21/08/2023 at 22:31 By Ryan Naraine A critical-severity vulnerability in the Ivanti Sentry (formerly MobileIron Sentry) product exposes sensitive API data and configurations. The post Ivanti Ships Urgent Patch for API Authentication Bypass Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Ivanti Ships Urgent Patch for API Authentication Bypass Vulnerability Read More »

Researchers Uncover Real Identity of CypherRAT and CraxsRAT Malware Developer

cybercrime, Malware, Malware & Threats, RAT / SecurityTicks

Researchers Uncover Real Identity of CypherRAT and CraxsRAT Malware Developer 21/08/2023 at 17:18 By Ionut Arghire Cyfirma security researchers uncover the real identity of the CypherRAT and CraxsRAT malware developer and MaaS operator. The post Researchers Uncover Real Identity of CypherRAT and CraxsRAT Malware Developer appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Researchers Uncover Real Identity of CypherRAT and CraxsRAT Malware Developer Read More »

Stealthy ‘LabRat’ Campaign Abuses TryCloudflare to Hide Infrastructure

cryptomining, Malware & Threats, proxyjacking / SecurityTicks

Stealthy ‘LabRat’ Campaign Abuses TryCloudflare to Hide Infrastructure 18/08/2023 at 16:46 By Ionut Arghire The ‘LabRat’ cryptomining and proxyjacking operation relies on signature-based tools and stealthy cross-platform malware, and abuses TryCloudflare to hide its C&Cs. The post Stealthy ‘LabRat’ Campaign Abuses TryCloudflare to Hide Infrastructure appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Stealthy ‘LabRat’ Campaign Abuses TryCloudflare to Hide Infrastructure Read More »

Rapid7 Says ROI for Ransomware Remains High; Zero-Day Usage Expands

cybercrime, Malware & Threats, Ransomware / SecurityTicks

Rapid7 Says ROI for Ransomware Remains High; Zero-Day Usage Expands 17/08/2023 at 19:02 By Kevin Townsend A new report from Rapid7 says a ransomware gang like Cl0p would easily be able to afford a bevy of zero-day exploits for vulnerable enterprise software. The post Rapid7 Says ROI for Ransomware Remains High; Zero-Day Usage Expands appeared

React to this headline:

Rapid7 Says ROI for Ransomware Remains High; Zero-Day Usage Expands Read More »

Thousands of Systems Turned Into Proxy Exit Nodes via Malware

Malware, Malware & Threats / SecurityTicks

Thousands of Systems Turned Into Proxy Exit Nodes via Malware 17/08/2023 at 16:18 By Ionut Arghire Threat actors have been observed deploying a proxy application on Windows and macOS systems that were infected with malware. The post Thousands of Systems Turned Into Proxy Exit Nodes via Malware appeared first on SecurityWeek. This article is an

React to this headline:

Thousands of Systems Turned Into Proxy Exit Nodes via Malware Read More »

2,000 Citrix NetScaler Instances Backdoored via Recent Vulnerability

Malware & Threats, Vulnerabilities / SecurityTicks

2,000 Citrix NetScaler Instances Backdoored via Recent Vulnerability 15/08/2023 at 19:47 By Ionut Arghire A threat actor has exploited a recent Citrix vulnerability (CVE-2023-3519) to infect roughly 2,000 NetScaler instances with a backdoor. The post 2,000 Citrix NetScaler Instances Backdoored via Recent Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

2,000 Citrix NetScaler Instances Backdoored via Recent Vulnerability Read More »

Hacker Forum Credentials Found on 120,000 PCs Infected With Info-Stealer Malware

Malware & Threats / SecurityTicks

Hacker Forum Credentials Found on 120,000 PCs Infected With Info-Stealer Malware 15/08/2023 at 16:31 By Ionut Arghire Hudson Rock security researchers have identified credentials for hacker forums on roughly 120,000 computers infected with information stealers. The post Hacker Forum Credentials Found on 120,000 PCs Infected With Info-Stealer Malware appeared first on SecurityWeek. This article is

React to this headline:

Hacker Forum Credentials Found on 120,000 PCs Infected With Info-Stealer Malware Read More »

In Other News: macOS Security Reports, Keyboard Spying, VPN Vulnerabilities

Government, In Other News, Malware & Threats, Vulnerabilities / SecurityTicks

In Other News: macOS Security Reports, Keyboard Spying, VPN Vulnerabilities 11/08/2023 at 17:18 By SecurityWeek News Weekly cybersecurity news roundup that provides a summary of noteworthy stories that might have slipped under the radar for the week of August 7, 2023. The post In Other News: macOS Security Reports, Keyboard Spying, VPN Vulnerabilities appeared first

React to this headline:

In Other News: macOS Security Reports, Keyboard Spying, VPN Vulnerabilities Read More »

Threat Actors Abuse Cloudflare Tunnel for Persistent Access, Data Theft

Cloudflare, Malware & Threats / SecurityTicks

Threat Actors Abuse Cloudflare Tunnel for Persistent Access, Data Theft 04/08/2023 at 17:03 By Ionut Arghire Threat actors have been observed abusing the open source Cloudflare Tunnel tool Cloudflared to maintain stealthy, persistent access to compromised systems. The post Threat Actors Abuse Cloudflare Tunnel for Persistent Access, Data Theft appeared first on SecurityWeek. This article

React to this headline:

Threat Actors Abuse Cloudflare Tunnel for Persistent Access, Data Theft Read More »

New hVNC macOS Malware Advertised on Hacker Forum

Mac malware, Malware & Threats / SecurityTicks

New hVNC macOS Malware Advertised on Hacker Forum 02/08/2023 at 18:03 By Ionut Arghire A new macOS-targeting hVNC malware family is being advertised on a prominent cybercrime forum. The post New hVNC macOS Malware Advertised on Hacker Forum appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React

React to this headline:

New hVNC macOS Malware Advertised on Hacker Forum Read More »

Ivanti Zero-Day Exploited by APT Since at Least April in Norwegian Government Attack

APT, Ivanti, Malware & Threats, Zero-Day / SecurityTicks

Ivanti Zero-Day Exploited by APT Since at Least April in Norwegian Government Attack 02/08/2023 at 09:31 By Eduard Kovacs The recently patched Ivanti EPMM zero-day CVE-2023-35078 has been exploited to hack the Norwegian government since at least April 2023. The post Ivanti Zero-Day Exploited by APT Since at Least April in Norwegian Government Attack appeared

React to this headline:

Ivanti Zero-Day Exploited by APT Since at Least April in Norwegian Government Attack Read More »

CISA Analyzes Malware Used in Barracuda ESG Attacks

Barracuda, Malware, Malware & Threats / SecurityTicks

CISA Analyzes Malware Used in Barracuda ESG Attacks 31/07/2023 at 13:31 By Ionut Arghire CISA has shared analysis reports on three malware families obtained from an organization hacked via a recent Barracuda ESG vulnerability. The post CISA Analyzes Malware Used in Barracuda ESG Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

CISA Analyzes Malware Used in Barracuda ESG Attacks Read More »