Tag: infection
-
Lazarus Group Spotted Targeting Nuclear Engineers with CookiePlus Malware
The Lazarus Group, an infamous threat actor linked to the Democratic People’s Republic of Korea (DPRK), has been observed leveraging a “complex infection chain” targeting at least two employees belonging to an unnamed nuclear-related organization within the span of one month in January 2024. The attacks, which culminated in the deployment of a new modular backdoor…
-
Routers with default passwords are attracting Mirai infections, Juniper says
Beginning December 11, customers started reporting “suspicious behavior” on their Session Smart Routers, Juniper says, and they had one thing in common: They were still using the factory-set passwords on the devices. First seen on therecord.media Jump to article: therecord.media/routers-with-default-passwords-mirai-malware-juniper
-
New I2PRAT Malware Using Encrypted Peer-to-Peer Communication to Evade Detections
Cybersecurity experts are sounding the alarm over a new strain of malware dubbed “I2PRAT,”…
-
Technical Analysis of RiseLoader
In October 2024, Zscaler ThreatLabz came across malware samples that use a network communication protocol that is similar to RisePro. However, unlike RisePro, which has primarily been used for information stealing, this new malware specializes in downloading and executing second-stage payloads. Due to its distinctive focus and similarities with RisePro’s communication protocol, we named this new…
-
NoviSpy Spyware Installed on Journalist’s Phone After Unlocking It With Cellebrite Tool
A Serbian journalist had his phone first unlocked by a Cellebrite tool and subsequently compromised by a previously undocumented spyware codenamed NoviSpy, according to a new report published by Amnesty International. “NoviSpy allows for capturing sensitive personal data from a target’s phone after infection and provides the ability to turn on the phone’s microphone or camera…
-
PUMA creeps through Linux with a stealthy rootkit attack
A new loadable kernel module (LKM) rootkit has been spotted in the wild compromising Linux systems with advanced stealth and privilege escalation features. PUMAKIT, as called by the Elastic Security researchers who discovered it during routine threat hunting on VirusTotal, was deployed as part of a multi-stage malware architecture that consists of a dropper, two memory-resident…
-
US sanctions Chinese cybersecurity firm over global malware campaign
The US government has imposed sanctions on Chinese cybersecurity firm Sichuan Silence Information Technology and one of its employees, Guan Tianfeng, for their alleged involvement in a 2020 global cyberattack that exploited zero-day vulnerabilities in firewalls. The actions were announced by the US Department of the Treasury and the Department of Justice (DOJ), which also…
-
$1 phone scanner finds seven Pegasus spyware infections
iVerify’s detection tool was launched in May and is turning up victims. First seen on arstechnica.com Jump to article: arstechnica.com/security/2024/12/1-phone-scanner-finds-seven-pegasus-spyware-infections/
-
Pegasus Spyware Infections Proliferate Across iOS, Android Devices
The notorious spyware from Israel’s NSO Group has been found targeting journalists, government officials, and corporate executives in multiple variants discovered in a threat scan of 3,500 mobile phones. First seen on darkreading.com Jump to article: www.darkreading.com/endpoint-security/pegasus-spyware-infections-ios-android-devices
-
Study shows potentially higher prevalence of spyware infections than previously thought
An investigation into the numbers has some caveats, but those behind it say even a drastic reduction from what they found would be big. First seen on cyberscoop.com Jump to article: cyberscoop.com/study-shows-potentially-higher-prevalence-of-spyware-infections-than-previously-thought/
-
A New Phone Scanner That Detects Spyware Has Already Found 7 Pegasus Infections
The mobile device security firm iVerify has been offering a tool since May that makes spyware scanning accessible to anyone, and it’s already turning up victims. First seen on wired.com Jump to article: www.wired.com/story/iverify-spyware-detection-tool-nso-group-pegasus/
-
The New Face of Cyber Espionage: Inside the Two-Stage Infection Strategy of China-Linked Threat Actors
First seen on thefinalhop.com Jump to article: www.thefinalhop.com/china-linked-hackers-adopt-sophisticated-two-stage-infection-tactic-to-deploy-deuterbear-rat/
-
Act fast to snuff out employee curiosity over ‘free’ AI apps
The word “free” has always tempted employees who are looking for an app or template to make their work easier. These days, combine “free” with “AI” and the lure is almost irresistible. Since the release of ChatGPT in late 2022, free AI-themed apps have exploded. Unfortunately, some are created by threat actors. One of the latest…
-
Warning: Over 2,000 Palo Alto Networks Devices Hacked in Ongoing Attack Campaign
As many as 2,000 Palo Alto Networks devices are estimated to have been compromised as part of a campaign abusing the newly disclosed security flaws that have come under active exploitation in the wild. According to statistics shared by the Shadowserver Foundation, a majority of the infections have been reported in the U.S. (554) and India…
-
1,400 Pegasus spyware infections detailed in WhatsApp’s lawsuit filings
First seen on therecord.media Jump to article: therecord.media/pegasus-spyware-infections-detailed-whatsapp-lawsuit
-
Ransomware fiends boast they’ve stolen 1.4TB from US pharmacy network
American Associated Pharmacies yet to officially confirm infection First seen on theregister.com Jump to article: www.theregister.com/2024/11/13/embargo_ransomware_breach_aap/
-
Emmenhtal Loader Uses Scripts to Deliver Lumma and Other Malware
Emmenhtal Loader uses LOLBAS techniques, deploying malware like Lumma and Amadey through legitimate Windows tools. Its infection chain… First seen on hackread.com Jump to article: hackread.com/emmenhtal-loader-uses-scripts-deliver-lumma-malware/
-
Harnessing Chisel for Covert Operations: Unpacking a Multi-Stage PowerShell Campaign
The Cyble Research and Intelligence Lab (CRIL) has recently uncovered a sophisticated multi-stage infection chain, primarily driven by PowerShell scripts. This campaign, which targets organizations through a variety of attack vectors, has been designed to maintain persistence, bypass security measures, and enable further malicious activities. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/new-powershell-campaign/
-
Bumblebee malware infection chain seen for the first time since May
First seen on scworld.com Jump to article: www.scworld.com/news/bumblebee-malware-infection-chain-seen-for-the-first-time-since-may
-
How cyber compliance helps minimize the risk of ransomware infections
Over the past decade, ransomware has been cemented as one of the top cybersecurity threats. In 2023 alone, the FBI received 2,385 ransomware complaint… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/09/24/cyber-compliance-minimize-risk/
-
Beware Of Malicious Chrome Extension That Delivers Weaponized ZIP Archive
In August 2024, researchers detected a malicious Google Chrome browser infection that led to the distribution of LummaC2 stealer malware that utilized… First seen on gbhackers.com Jump to article: gbhackers.com/malicious-chrome-extension-zip/
-
Cybercriminals Exploit Popular Software Searches to Spread FakeBat Malware
Cybersecurity researchers have uncovered a surge in malware infections stemming from malvertising campaigns distributing a loader called FakeBat. These… First seen on thehackernews.com Jump to article: thehackernews.com/2024/08/cybercriminals-exploit-popular-software.html
-
‘Sinkclose’ Flaw in Hundreds of Millions of AMD Chips Allows Deep, Virtually Unfixable Infections
Researchers warn that a bug in AMD’s chips would allow attackers to root into some of the most privileged portions of a computer, and that it has pers… First seen on wired.com Jump to article: www.wired.com/story/amd-chip-sinkclose-flaw/
-
Ransomware infection cuts off blood supply to 250+ hospitals
First seen on theregister.com Jump to article: www.theregister.com/2024/07/31/ransomware_blood_supply_hospital/
-
Greek prosecutor says government played no role in civil society spyware infections
First seen on therecord.media Jump to article: therecord.media/greece-predator-spyware-investigation