Malware

Open source malware up 200% since 2023

2024-12-11 at 07:32, by Help Net Security

Sonatype’s 2024 Open Source Malware Threat Report reveals that the number of malicious packages has surpassed 778,500 since tracking began in 2019. In 2024, researchers examined how threat actors leverage malicious open-source packages to target developers, particularly as enterprises increasingly adopt […]

Head Mare Group Intensifies Attacks on Russia with PhantomCore Backdoor

2024-12-10 at 16:00, by rohansinhacyblecom

Overview: On 2nd September 2024, Kaspersky released a blog about the Head Mare group, which first emerged in 2023. Head Mare is a hacktivist group targeting organizations in Russia and Belarus with the goal of causing maximum damage

Head Mare Group Intensifies Attacks on Russia with PhantomCore RAT

2024-12-10 at 15:03, by rohansinhacyblecom

Overview: On 2nd September 2024, Kaspersky released a blog about the Head Mare group, which first emerged in 2023. Head Mare is a hacktivist group targeting organizations in Russia and Belarus with the goal of causing maximum damage

Windows, macOS users targeted with crypto-and-info-stealing malware

2024-12-06 at 14:05, by Zeljka Zorz

Downloading anything from the internet is a gamble these days: you might think that you are downloading an innocuous app from a legitimate firm but thanks to clever misuse of AI and some social engineering, you can end up with information and

Threat Actor Targets the Manufacturing industry with Lumma Stealer and Amadey Bot

2024-12-05 at 13:17, by rohansinhacyblecom

Overview: CRIL recently identified a multi-stage cyberattack campaign originating from an LNK file. The initial infection vector remains unknown; however, the attack likely begins with a spear-phishing email, prompting the recipient to click on a link

Cybercriminals used a gaming engine to create undetectable malware loader

2024-11-27 at 20:33, by Zeljka Zorz

Threat actors are using an ingenious new way for covertly delivering malware to a wide variety of operating systems and platforms: they have created a malware loader that uses Godot Engine, an open-source game engine. The loader – dubbed

Researchers unearth two previously unknown Linux backdoors

2024-11-21 at 12:12, by Help Net Security

ESET researchers have identified multiple samples of two previously unknown Linux backdoors: WolfsBane and FireWood. The goal of the backdoors and tools discovered is cyberespionage that targets sensitive data such as system information, user credentials, and specific files and directories. These

Cyber crooks push Android malware via letter

2024-11-15 at 15:33, by Zeljka Zorz

Cyber crooks are trying out an interesting new approach for getting information-stealing malware installed on Android users’ smartphones: a physical letter impersonating MeteoSwiss (i.e., Switzerland’s Federal Office of Meteorology and Climatology). “The letter asks the recipients to install a new severe weather

How a Windows zero-day was exploited in the wild for months (CVE-2024-43451)

2024-11-14 at 12:02, by Zeljka Zorz

CVE-2024-43451, a Windows zero-day vulnerability for which Microsoft released a fix on November 2024 Patch Tuesday, has been exploited since at least April 2024, ClearSky researchers have revealed.

About the vulnerability: CVE-2024-43451 affects all supported Windows versions

Infostealers increasingly impact global security

2024-11-13 at 15:18, by Help Net Security

Check Point Software’s latest threat index reveals a significant rise in infostealers like Lumma Stealer, while mobile malware like Necro continues to pose a significant threat, highlighting the evolving tactics used by cybercriminals across the globe. Last month researchers discovered an infection chain

Harnessing Chisel for Covert Operations: Dissecting a Multi-Stage PowerShell Campaign

2024-11-12 at 10:33, by rohansinhacyblecom

Executive Summary: CRIL has recently identified a campaign engaging in a multi-stage infection chain. This chain employs several techniques, starting with the execution of PowerShell scripts. The campaign begins with a malicious LNK file that triggers the execution

Industrial companies in Europe targeted with GuLoader

2024-11-07 at 15:48, by Zeljka Zorz

A recent spear-phishing campaign targeting industrial and engineering companies in Europe was aimed at saddling victims with the popular GuLoader downloader and, ultimately, a remote access trojan that would permit attackers to steal information from and access compromised computers whenever they wish.

North Korean hackers employ new tactics to compromise crypto-related businesses

2024-11-07 at 13:49, by Zeljka Zorz

North Korean hackers are targeting crypto-related businesses with phishing emails and novel macOS-specific malware.

The crypto-related phishing campaign: Since July 2024, phishing emails seemingly containing helpful information on risks related to the rise of the price of Bitcoin have

GodFather Malware Expands Its Reach, Targeting 500 Banking And Crypto Applications Worldwide

2024-11-06 at 15:05, by daksh sharma

Overview: Cyble Research and Intelligence Labs (CRIL) recently identified a phishing site, “mygov-au[.]app,” masquerading as the official MyGov website of the Australian Government. Upon further analysis, this site was found to be distributing a suspicious

Sophos mounted counter-offensive operation to foil Chinese attackers

2024-10-31 at 16:04, by Help Net Security

Sophos conducted defensive and counter-offensive operations over the last five years with multiple interlinked nation-state adversaries based in China targeting perimeter devices, including Sophos Firewalls.

Espionage campaigns tied to Chinese hacking groups: The attackers used a series of campaigns with

Strela Stealer targets Central and Southwestern Europe through Stealthy Execution via WebDAV

2024-10-30 at 15:05, by rohansinhacyblecom

Executive Summary: Strela Stealer, first identified by DCSO in late 2022, is a type of information-stealing malware primarily designed to exfiltrate email account credentials from widely used email clients, including Microsoft Outlook and Mozilla Thunderbird. This malware

US charges suspected Redline infostealer developer, admin

2024-10-29 at 18:22, by Zeljka Zorz

The identity of a suspected developer and administrator of the Redline malware-as-a-service operation has been revealed: Russian national Maxim Rudometov.

Infrastructure takedown: As promised on Monday when they announced the disruption of the Redline and Meta infostealer operations, law enforcement Operation Magnus

Police hacks, disrupts Redline, Meta infostealer operations

2024-10-28 at 16:25, by Zeljka Zorz

The Dutch National Police, along with partner law enforcement agencies, has disrupted the operation of the Redline and Meta infostealers and has collected information that may unmask users who paid to leverage the infamous malware.

[Image: Screenshot of the Redline License Server panel]

Adversarial groups adapt to exploit systems in new ways

2024-10-28 at 06:36, by Help Net Security

In this Help Net Security video, Jake King, Head of Threat & Security Intelligence at Elastic, discusses the key findings from the 2024 Elastic Global Threat Report.

Adversaries are utilizing off-the-shelf tools: Offensive security tools (OSTs), including Cobalt Strike

HeptaX: Unauthorized RDP Connections for Cyberespionage Operations

2024-10-25 at 18:08, by rohansinhacyblecom

Overview: CRIL has come across a multi-stage cyberattack campaign that begins with a ZIP file containing a malicious shortcut file (.lnk). While the source of this ZIP file remains unknown, it is suspected to be disseminated through phishing emails. Based on
