New malware Cthulhu Stealer targets Apple macOS users
Cado Security found a new info stealer, called Cthulhu Stealer, that targets Apple macOS and steals a wide range of information. Cado Security researchers have discovered a malware-as-a-service (MaaS)...
Phishing attacks target mobile users via progressive web applications (PWA)
Cybercriminals use progressive web applications (PWA) to impersonate banking apps and steal credentials from mobile users. ESET researchers detailed a phishing campaign against mobile users that uses...
Qilin ransomware steals credentials stored in Google Chrome
Sophos researchers investigated a Qilin ransomware breach that led to the theft of credentials stored in Google Chrome browsers. Sophos researchers investigated a Qilin ransomware attack where...
SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 8
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Meet UULoader: An Emerging and Evasive Malicious Installer...
Linux malware sedexp uses udev rules for persistence and evasion
Researchers spotted a new stealthy Linux malware named sedexp that uses Linux udev rules to achieve persistence and evade detection. Aon’s Cyber Solutions spotted a new malware family, called sedexp,...
US offers $2.5M reward for Belarusian man involved in mass malware distribution
The US Department of State offers a $2.5 million reward for information leading to the arrest of a Belarusian cybercriminal involved in mass malware distribution. The US Department of State...
BlackByte Ransomware group targets recently patched VMware ESXi flaw...
BlackByte ransomware operators are exploiting a recently patched VMware ESXi hypervisor vulnerability in recent attacks. Cisco Talos observed the BlackByte ransomware group exploiting the recently...
Young Consulting data breach impacts 954,177 individuals
A ransomware attack by the BlackSuit group on Young Consulting compromised the personal information of over 950,000 individuals. Software solutions provider Young Consulting disclosed a data breach...
Iran-linked group APT33 adds new Tickler malware to its arsenal
Iran-linked group APT33 used new Tickler malware in attacks against organizations in the government, defense, satellite, oil and gas sectors. Microsoft researchers reported that the Iran-linked...
Corona Mirai botnet spreads via AVTECH CCTV zero-day
An instance of the Corona Mirai botnet spreads via AVTECH CCTV zero-day and multiple previously known vulnerabilities. Akamai’s Security Intelligence and Response Team (SIRT) has detected a botnet...
Russia-linked APT29 reused iOS and Chrome exploits previously developed by...
Russia-linked APT29 group was spotted reusing iOS and Chrome exploits previously developed by surveillance firms NSO Group and Intellexa. Google TAG (Threat Analysis Group) researchers observed the...
Threat actors exploit Atlassian Confluence bug in cryptomining campaigns
Threat actors are actively exploiting a critical flaw in the Atlassian Confluence Data Center and Confluence Server in cryptocurrency mining campaigns. The critical vulnerability CVE-2023-22527 (CVSS...
SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 9
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Unveiling “sedexp”: A Stealthy Linux Malware Exploiting udev...
A new variant of Cicada ransomware targets VMware ESXi systems
A new ransomware-as-a-service (RaaS) operation called Cicada3301 has emerged in the threat landscape and has already targeted tens of companies. Cicada3301 is a new ransomware-as-a-service (RaaS)...
Lockbit gang claims the attack on the Toronto District School Board (TDSB)
The Toronto District School Board (TDSB) confirmed that student information was compromised in the June Lockbit ransomware attack. The Toronto District School Board (TDSB) confirmed that students’...
Earth Lusca adds multiplatform malware KTLVdoor to its arsenal
The Chinese-speaking threat actor Earth Lusca used the new backdoor KTLVdoor in an attack against a trading company in China. Trend Micro Researchers spotted the Chinese-speaking threat actor Earth...
Russia-linked GRU Unit 29155 targeted critical infrastructure globally
The United States and its allies state that Russia-linked threat actors operating under the GRU are behind global critical infrastructure attacks. The FBI, CISA, and NSA linked threat actors from...
SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 10
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. BlackSuit Ransomware Dissecting the Cicada Year-Long...
Multiple malware families delivered exploiting GeoServer GeoTools flaw...
Multiple threat actors actively exploited the recently disclosed OSGeo GeoServer GeoTools flaw CVE-2024-36401 in malware-based campaigns. Researchers at Fortinet FortiGuard Labs reported that threat...
TIDRONE APT targets drone manufacturers in Taiwan
A previously undocumented threat actor tracked as TIDRONE targets organizations in military and satellite industries in Taiwan. Trend Micro spotted an allegedly China-linked threat actor, tracked...