Malware & Threats

DreamBus Botnet Exploiting RocketMQ Vulnerability to Delivery Cryptocurrency Miner

30/08/2023 at 14:17 By Eduard Kovacs

The DreamBus botnet has resurfaced and it has been exploiting a recently patched Apache RocketMQ vulnerability to deliver a Monero miner. The post DreamBus Botnet Exploiting RocketMQ Vulnerability to Delivery Cryptocurrency Miner appeared first on SecurityWeek. This article is an […]

Operation ‘Duck Hunt’: Qakbot Malware Disrupted, $8.6 Million in Cryptocurrency Seized

30/08/2023 at 00:03 By Ryan Naraine

U.S. law enforcement announce the disruption of the notorious Qakbot cybercrime operation and the release of an auto-disinfection tool to 700,000 infected machines.

VMware Patches Major Security Flaws in Network Monitoring Product

29/08/2023 at 23:02 By Ryan Naraine

VMware patches critical flaws that allow hackers to bypass SSH authentication and gain access to the Aria Operations for Networks command line interface.

New ‘MMRat’ Android Trojan Targeting Users in Southeast Asia

29/08/2023 at 21:03 By Ionut Arghire

The newly identified MMRat Android trojan has been targeting users in Southeast Asia to remotely control devices and perform bank fraud.

Signs of Malware Attack Targeting Rust Developers Found on Crates.io

28/08/2023 at 17:16 By Eduard Kovacs

The Crates.io Rust package registry was targeted in preparation of a malware attack aimed at developers, according to Phylum.

3 Malware Loaders Detected in 80% of Attacks: Security Firm

28/08/2023 at 15:46 By Ionut Arghire

QakBot, SocGholish, and Raspberry Robin are the three most popular malware loaders, accounting for 80% of the observed incidents.

Chinese-backed APT ‘Flax Typhoon’ Hacks Taiwan with Minimal Malware Footprint

24/08/2023 at 23:34 By Ryan Naraine

Microsoft warns that Chinese spies are hacking into Taiwanese organizations with minimal use of malware and by abusing legitimate software.

Mysterious Malware Uses Wi-Fi Scanning to Get Location of Infected Device

24/08/2023 at 18:31 By Eduard Kovacs

Mysterious Whiffy Recon malware scans for nearby Wi-Fi access points to obtain the location of the infected device.

FBI: Patches for Recent Barracuda ESG Zero-Day Ineffective

24/08/2023 at 17:06 By Ionut Arghire

The FBI says that the patches Barracuda released in May for an exploited ESG zero-day vulnerability (CVE-2023-2868) were not effective.

Traders Targeted by Cybercriminals in Attack Exploiting WinRAR Zero-Day 

24/08/2023 at 14:21 By Eduard Kovacs

A financially motivated cybercrime group has exploited a WinRAR zero-day to deliver malware to traders and steal their money.

3,000 Openfire Servers Exposed to Attacks Targeting Recent Vulnerability

23/08/2023 at 17:19 By Ionut Arghire

More than 3,000 Openfire servers are not patched against a recent vulnerability and are exposed to attacks employing a new exploit.

New ‘Carderbee’ APT Targeted Chinese Security Software in Supply Chain Attack

22/08/2023 at 14:33 By Ionut Arghire

A new APT group called Carderbee has been observed deploying the PlugX backdoor via a supply chain attack targeting organizations in Hong Kong.

CISA Warns of Another Exploited Adobe ColdFusion Vulnerability

22/08/2023 at 13:47 By Eduard Kovacs

CISA warns that CVE-2023-26359, an Adobe ColdFusion vulnerability patched in March, has been exploited in the wild.

Ivanti Ships Urgent Patch for API Authentication Bypass Vulnerability

21/08/2023 at 22:31 By Ryan Naraine

A critical-severity vulnerability in the Ivanti Sentry (formerly MobileIron Sentry) product exposes sensitive API data and configurations.

Researchers Uncover Real Identity of CypherRAT and CraxsRAT Malware Developer

21/08/2023 at 17:18 By Ionut Arghire

Cyfirma security researchers uncover the real identity of the CypherRAT and CraxsRAT malware developer and MaaS operator.

Stealthy ‘LabRat’ Campaign Abuses TryCloudflare to Hide Infrastructure

18/08/2023 at 16:46 By Ionut Arghire

The ‘LabRat’ cryptomining and proxyjacking operation relies on signature-based tools and stealthy cross-platform malware, and abuses TryCloudflare to hide its C&Cs.

Rapid7 Says ROI for Ransomware Remains High; Zero-Day Usage Expands

17/08/2023 at 19:02 By Kevin Townsend

A new report from Rapid7 says a ransomware gang like Cl0p would easily be able to afford a bevy of zero-day exploits for vulnerable enterprise software.

Thousands of Systems Turned Into Proxy Exit Nodes via Malware

17/08/2023 at 16:18 By Ionut Arghire

Threat actors have been observed deploying a proxy application on Windows and macOS systems that were infected with malware.

2,000 Citrix NetScaler Instances Backdoored via Recent Vulnerability

15/08/2023 at 19:47 By Ionut Arghire

A threat actor has exploited a recent Citrix vulnerability (CVE-2023-3519) to infect roughly 2,000 NetScaler instances with a backdoor.

Hacker Forum Credentials Found on 120,000 PCs Infected With Info-Stealer Malware

15/08/2023 at 16:31 By Ionut Arghire

Hudson Rock security researchers have identified credentials for hacker forums on roughly 120,000 computers infected with information stealers.