Tag: backdoor
-
New EAGLEDOOR backdoor spread in suspected Chinese APT attacks against Asia-Pacific
by
in SecurityNewsFirst seen on scmagazine.com Jump to article: www.scmagazine.com/brief/new-eagledoor-backdoor-spread-in-suspected-chinese-apt-attacks-against-asia-pacific
-
UNC2970’s Backdoor Deployed via Trojanized PDF Reader Targets Critical Infrastructure
by
in SecurityNewsMandiant has unveiled a new wave of cyber-espionage attacks orchestrated by the North Korea-linked group UNC2970. This group has recently employed a s… First seen on securityonline.info Jump to article: securityonline.info/unc2970s-backdoor-deployed-via-trojanized-pdf-reader-targets-critical-infrastructure/
-
Novel Backdoor Leveraged in North Korean Hackers’ Global Aerospace, Energy Attacks
by
in SecurityNewsFirst seen on scmagazine.com Jump to article: www.scmagazine.com/brief/novel-backdoor-leveraged-in-north-korean-hackers-global-aerospace-energy-attacks
-
Iran backdoors planted across Middle East telecoms, government agencies, Google says
by
in SecurityNewsFirst seen on therecord.media Jump to article: therecord.media/iran-backdoors-planted-across-middle-east-telecoms-government-orgs
-
UNC2970 Hackers Attacking Job Seekers Using Weaponized PDF Reader
by
in SecurityNewsUNC2970, a North Korean cyber espionage group, used customized SumatraPDF trojans to deliver MISTPEN backdoors to victims through phishing emails pret… First seen on gbhackers.com Jump to article: gbhackers.com/unc2970-hackers-job-pdf-attack/
-
‘Ancient’ MSFT Word Bug Anchors Taiwanese Drone-Maker Attacks
An attack dubbed WordDrone that uses an old flaw to install a backdoor could be related to previously reported cyber incidents against Taiwan’s milita… First seen on darkreading.com Jump to article: www.darkreading.com/ics-ot-security/ancient-msft-word-bug-taiwanese-drone-maker-attacks
-
Smart Licensing Utility: Admin-Backdoor in Cisco-Lizenzierungstool entdeckt
by
in SecurityNewsFirst seen on golem.de Jump to article: www.golem.de/news/smart-licensing-utility-cisco-warnt-vor-admin-backdoor-in-lizenzierungstool-2409-188712.html
-
Part 1: Can Just Anyone Access Your ServiceNow Articles?
by
in SecurityNewsWhat if I told you that thousands of companies (30% of the accounts we reviewed) are leaving a backdoor open to their ServiceNow databases for anyone … First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/09/part-1-can-just-anyone-access-your-servicenow-articles/
-
Notorious Iranian Hackers Have Been Targeting the Space Industry With a New Backdoor
In addition to its longstanding password spraying attacks, Microsoft says Iran-backed hacker group Peach Sandstorm, or APT 33, has developed custom ma… First seen on wired.com Jump to article: www.wired.com/story/iran-peach-sandworm-tickler-backdoor/
-
GeoServer Vulnerability Targeted by Hackers to Deliver Backdoors and Botnet Malware
by
in SecurityNewsA recently disclosed security flaw in OSGeo GeoServer GeoTools has been exploited as part of multiple campaigns to deliver cryptocurrency miners, botn… First seen on thehackernews.com Jump to article: thehackernews.com/2024/09/geoserver-vulnerability-targeted-by.html
-
New Vo1d malware infects 1.3 million Android streaming boxes
by
in SecurityNewsThreat actors have infected over 1.3 million TV streaming boxes running Android with a new Vo1d backdoor malware, allowing the attackers to take full … First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-vo1d-malware-infects-13-million-android-streaming-boxes/
-
ToneShell Backdoor Targets IISS Defence Summit Attendees in Latest Espionage Campaign
Cyber espionage continues to intertwine with global strategy as the ToneShell backdoor, linked to the notorious Mustang Panda group, reemerges. In a r… First seen on securityonline.info Jump to article: securityonline.info/toneshell-backdoor-targets-iiss-defence-summit-attendees-in-latest-espionage-campaign/
-
New Cross-Platform Malware KTLVdoor Discovered in Attack on Chinese Trading Firm
The Chinese-speaking threat actor known as Earth Lusca has been observed using a new backdoor dubbed KTLVdoor as part of a cyber attack targeting an u… First seen on thehackernews.com Jump to article: thehackernews.com/2024/09/new-cross-platform-malware-ktlvdoor.html
-
North Korean Hackers Targets Job Seekers with Fake FreeConference App
by
in SecurityNewsNorth Korean threat actors have leveraged a fake Windows video conferencing application impersonating FreeConference.com to backdoor developer systems… First seen on thehackernews.com Jump to article: thehackernews.com/2024/09/north-korean-hackers-targets-job.html
-
China’s ‘Earth Lusca’ Propagates Multiplatform Backdoor
by
in SecurityNewsFirst seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/chinas-earth-lusca-propagates-multiplatform-backdoor
-
New Loki Backdoor Attacking macOS Systems
by
in SecurityNewsCody Thomas developed Apfell, an open-source macOS post-exploitation framework, in 2018 and evolved into Mythic, a cross-platform framework that addre… First seen on gbhackers.com Jump to article: gbhackers.com/loki-macos-attack/
-
Threat Actors Using New Malware Toolkit That Involves IIS Backdoor, DNS Tunneling
by
in SecurityNewsThe Iranian threat actor APT34, also known as GreenBug, has recently launched a new campaign targeting Iraqi government entities by employing a custom… First seen on gbhackers.com Jump to article: gbhackers.com/iis-backdoor-dns-tunneling/
-
NoiseAttack is a Novel Backdoor That Uses Power Spectral Density For Evasion
by
in SecurityNews
Tags: backdoorNoiseAttack is a new method of secretly attacking deep learning models. It uses triggers made from White Gaussian Noise to create several targeted cla… First seen on gbhackers.com Jump to article: gbhackers.com/noiseattack-is-a-novel-backdoor/
-
New BugSleep Backdoor Deployed in Recent MuddyWater Campaigns
by
in SecurityNewsey Findings Introduction MuddyWater, an Iranian threat groupaffiliatedwith the Ministry of Intelligence and Security (MOIS), is known to be active sin… First seen on research.checkpoint.com Jump to article: research.checkpoint.com/2024/new-bugsleep-backdoor-deployed-in-recent-muddywater-campaigns/
-
APT60 Group Exploit WPS Office Flaw to Deploy SpyGlace Backdoor
by
in CISOA South Korea-aligned cyber espionage has been linked to the zero-day exploitation of a now-patched critical remote code execution flaw in Kingsoft WP… First seen on thehackernews.com Jump to article: thehackernews.com/2024/08/apt-c-60-group-exploit-wps-office-flaw.html
-
New KTLVdoor Backdoor Discovered in Multiplatform Intrusion Campaign Linked to Earth Lusca
by
in SecurityNewsCybersecurity researchers from Trend Micro have uncovered a new and highly sophisticated multiplatform backdoor dubbed KTLVdoor, linked to the notorio… First seen on securityonline.info Jump to article: securityonline.info/new-ktlvdoor-backdoor-discovered-in-multiplatform-intrusion-campaign-linked-to-earth-lusca/
-
Earth Lusca adds multiplatform malware KTLVdoor to its arsenal
The Chinese-speaking threat actor Earth Lusca used the new backdoor KTLVdoor in an attack against a trading company in China. Trend Micro Researchers … First seen on securityaffairs.com Jump to article: securityaffairs.com/168078/malware/earth-lusca-malware-ktlvdoor.html
-
Researcher Identifies ToddyCat-Inspired APT Attack Leveraging ICMP Backdoor and Microsoft Exchange Flaws
by
in SecurityNewsCybersecurity researchers at Kaspersky’s Global Emergency Response Team (GERT) have uncovered a sophisticated attack involving an ICMP backdoor, beari… First seen on securityonline.info Jump to article: securityonline.info/researcher-identifies-toddycat-inspired-apt-attack-leveraging-icmp-backdoor-and-microsoft-exchange-flaws/
-
macOS Version of HZ RAT Backdoor Targets Chinese Messaging App Users
Users of Chinese instant messaging apps like DingTalk and WeChat are the target of an Apple macOS version of a backdoor named HZ RAT.The artifacts alm… First seen on thehackernews.com Jump to article: thehackernews.com/2024/08/macos-version-of-hz-rat-backdoor.html
-
Earth Lusca Using Multiplatform Backdoor to Attack Windows Linux Machines
Earth Lusca is a suspected China-based cyber espionage group active since at least April 2019. Besides this, hackers often target Windows and Linux ma… First seen on gbhackers.com Jump to article: gbhackers.com/earth-lusca-using-multiplatform-backdoor/
-
Cisco warns of backdoor admin account in Smart Licensing Utility
by
in SecurityNewsCisco has removed a backdoor account in the Cisco Smart Licensing Utility (CSLU) that can be used to log into unpatched systems with administrative pr… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisco-warns-of-backdoor-admin-account-in-smart-licensing-utility/
-
ToddyCat APT Abuses SMB, Exploits IKEEXT A Exchange RCE To Deploy ICMP Backdoor
by
in SecurityNewsToddyCat is an APT group that has been active since December 2020, and primarily it targets the government and military entities in Europe and Asia. T… First seen on gbhackers.com Jump to article: gbhackers.com/toddycat-apt-exploits/
-
New Custom Malware >>Tickler<< Attack Satellite Devices
Microsoft identified a new custom multi-stage backdoor, >>Tickler,
-
Godzilla Backdoor: A Stealthy Threat Targeting Atlassian Confluence Flaw (CVE-2023-22527)
by
in SecurityNewsA recent discovery by cybersecurity researchers at Trend Micro has unveiled a sophisticated new attack vector targeting Atlassian Confluence servers, … First seen on securityonline.info Jump to article: securityonline.info/godzilla-backdoor-a-stealthy-threat-targeting-atlassian-confluence-flaw-cve-2023-22527/
-
Iran-Backed Peach Sandstorm Hackers Deploy New Tickler Backdoor
by
in SecurityNewsThe hacking subsidiary of the Iranian Islamic Revolutionary Guard Corps (RGC) has targeted satellite, communications, oil and gas and government secto… First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/iran-peach-sandstorm-hackers/