Malware & Threats

Is GhostEmperor Back? Sygnia Finds Clues in Recent Cyber Incident

2024-07-24 at 19:16. By Kevin Townsend. Sygnia discovered what it believes to be a variant of the GhostEmperor infection chain leading to the Demodex rootkit – which was first seen and described in 2021.

Telegram Zero-Day Enabled Malware Delivery

2024-07-23 at 15:16. By Ionut Arghire. The EvilVideo zero-day vulnerability in Telegram for Android allowed threat actors to send malicious files disguised as videos. The post Telegram Zero-Day Enabled Malware Delivery appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed.

CrowdStrike Incident Leveraged for Malware Delivery, Phishing, Scams

2024-07-22 at 13:47. By Eduard Kovacs. The major IT outage caused by CrowdStrike is being leveraged by threat actors for phishing, scams, and malware delivery.

Chinese Hacking Group APT41 Infiltrates Global Shipping and Tech Sectors, Mandiant Warns

2024-07-18 at 22:01. By Ryan Naraine. Chinese government-backed hacking team caught breaking into organizations in shipping, logistics and automotive sectors in Europe and Asia.

APT Exploits Windows Zero-Day to Execute Code via Disabled Internet Explorer

2024-07-16 at 19:16. By Ionut Arghire. The Void Banshee APT exploited the CVE-2024-38112 Windows zero-day to infect systems with the Atlantida stealer.

Ukrainian Sentenced to Prison in US for Role in Zeus, IcedID Malware Operations

2024-07-15 at 14:31. By Ionut Arghire. Vyacheslav Igorevich Penchukov was sentenced to nine years in prison for his role in the Zeus and IcedID malware operations.

Millions Impacted by Breach at Advance Auto Parts Linked to Snowflake Incident

2024-07-12 at 17:31. By Ionut Arghire. Advance Auto Parts says the personal information of 2.3 million was compromised after hackers accessed its Snowflake account.

‘CrystalRay’ Expands Arsenal, Hits 1,500 Targets with SSH-Snake and Open Source Tools

2024-07-11 at 18:01. By Ionut Arghire. A threat actor tracked as CrystalRay has hit 1,500 victims since February, stealing credentials and deploying backdoors.

Microsoft Warns of Windows Hyper-V Zero-Day Being Exploited

2024-07-09 at 22:04. By Ryan Naraine. Patch Tuesday: Microsoft patches more than 140 security vulnerabilities in the Windows ecosystem, including a pair of exploited zero-days.

Adobe Issues Critical Patches for Multiple Products, Warns of Code Execution Risks

2024-07-09 at 19:49. By Ryan Naraine. Adobe documents at least seven code execution bugs affecting Adobe Premiere Pro, Adobe InDesign and Adobe Bridge on Windows and macOS.

Europol Announces Crackdown on Cobalt Strike Servers Used by Cybercriminals

2024-07-03 at 22:31. By Ryan Naraine. European law enforcement agency announces the takedown of nearly 600 Cobalt Strike servers linked to criminal activity.

Over 380k Hosts Still Referencing Malicious Polyfill Domain: Censys

2024-07-03 at 17:01. By Ionut Arghire. Censys has discovered more than 380,000 hosts, including major platforms, still referencing the malicious polyfill.io domain.

Cisco Patches NX-OS Zero-Day Exploited by Chinese Cyberspies

2024-07-02 at 12:16. By Ionut Arghire. Cisco has patched an NX-OS command injection zero-day exploited by China-linked cyberespionage group Velvet Ant.

In Other News: Malware Delivered by ISP, Temu Spying, Critical Dataverse Vulnerability

2024-06-28 at 16:31. By SecurityWeek News. Noteworthy stories that might have slipped under the radar: Korean ISP delivers malware to customers, Temu sued for allegedly spying on users, Microsoft patches a critical Dataverse vulnerability.

Polyfill Domain Shut Down as Owner Disputes Accusations of Malicious Activity

2024-06-28 at 12:46. By Ionut Arghire. Namecheap shut down polyfill.io amid reports of malicious activity, but the Chinese owner claims it has good intentions.

US Announces Charges, Reward for Russian National Behind Wiper Attacks on Ukraine

2024-06-27 at 22:16. By Ionut Arghire. The US Justice Department has announced charges against Amin Stigal for conducting wiper cyberattacks on Ukraine in 2022.

P2Pinfect Worm Now Dropping Ransomware on Redis Servers

2024-06-26 at 15:16. By Ionut Arghire. The P2Pinfect worm targeting Redis servers has been updated with ransomware and cryptocurrency mining payloads.

Recent Zyxel NAS Vulnerability Exploited by Botnet

2024-06-25 at 16:46. By Ionut Arghire. A Mirai-like botnet has started exploiting a critical-severity vulnerability in discontinued Zyxel NAS products.

Long-Running Chinese Espionage Campaign Targets Telecom Firms in Asian Country

2024-06-20 at 19:01. By Ionut Arghire. A years-long espionage campaign has targeted telecoms companies in Asia with tools associated with Chinese groups.

Highly Evasive SquidLoader Malware Targets China

2024-06-20 at 15:31. By Ionut Arghire. A threat actor targeting Chinese-speaking victims has been using the SquidLoader malware loader in recent attacks.
