The Last Watchdog

AUGUST 1, 2023

1, 2023 – Guardz , the cybersecurity company securing and insuring SMEs, today disclosed the existence of a Hidden Virtual Network Computing (hVNC) malware targeting macOS devices. Recently, Guardz identified an information stealing malware called ‘ ShadowVault , ’ which also exclusively targets macOS devices.

Malware 189

Malware Insurance Cyber Insurance Small Business 189

Heimadal Security

OCTOBER 13, 2023

A new Balada Injector campaign used known WordPress plugin and theme vulnerabilities to hack over 17,000 websites during September 2023. Threat actors exploited the CVE-2023-3169 cross-site scripting (XSS) vulnerability in tagDiv Composer. Composer is a tool for the tagDiv’s Newspaper and Newsmag WordPress themes.

Malware 104

Malware Hacking Cybersecurity 104

Heimadal Security

AUGUST 30, 2023

Threat actors exploit a known remote code vulnerability in RocketMQ servers to infect devices with DreamBus malware. CVE-2023-33246 was discovered in May 2023 and received a 9.8 score, which labels it as critical. It is a permission verification issue that impacts RocketMQ version 5.1.0

Malware 81

Malware Cybersecurity 81

Security Boulevard

JUNE 6, 2023

Capitalizing on the convenience of the Software as a Service (SaaS) model, malicious actors are offering Malware as a Service (MaaS): ready-made malware packages on the dark web, presenting less technical individuals with the opportunity to launch sophisticated cyber attacks.

Malware 52

Malware Cyber threats Cyber Attacks Software 52

SecureList

MAY 11, 2023

Although early 2023 saw a slight decline in the number of ransomware attacks, they were more sophisticated and better targeted. A few months after last year’s blog post came out, we stumbled across a new multi-platform ransomware family, which targeted both Linux and Windows. In 2022, Kaspersky solutions detected over 74.2M

Ransomware 120

Ransomware Malware Architecture Telecommunications 120

Heimadal Security

FEBRUARY 14, 2023

Threat actors breached Pepsi Bottling Ventures LLC`s network and successfully installed info-stealing malware. The incident happened on or around December 23rd, 2022, and the team discovered it 18 days later, on January 10th, 2023. It took the IT team another 9 days to remediate the breach and secure the system.

Data breaches 119

Data breaches Malware Cybersecurity 119

Malwarebytes

APRIL 3, 2023

But as malware evolves and cyberattacks become more common, keeping up with the top threats to the channel can be difficult. With a plethora of cyberthreats out there, which ones should channel partners focus on in 2023? In February 2023 alone, the group published 126 victims on its leak page.

Malware 70

Malware Education Ransomware Security Awareness 70

Security Boulevard

JANUARY 3, 2024

In mid-2023, the Ukrainian CERT issued advisory #6710, unmasking a threat actor identified as “UAC-0099.” In this blog post, we’ll look into the intricate […] The post WinRAR Flaw: LONEPAGE Malware Strikes Ukrainian Firms appeared first on TuxCare.

Malware 59

Malware Cybersecurity Cyber threats Phishing 59

Heimadal Security

JUNE 20, 2023

A new malware campaign employs fake OnlyFans content and adult lures to install the remote access trojan ‘DcRAT,’ enabling threat actors to steal data and credentials or deploy ransomware on infected devices.

Malware 93

Malware Government Ransomware Cybersecurity 93

eSecurity Planet

DECEMBER 14, 2023

Microsoft announced only one zero-day flaw this month: CVE-2023-20588 , which is found in AMD processors. Four Critical Vulnerabilities Announced The first of the four critical flaws announced, CVE-2023-35628 , is a remote code execution vulnerability in the Windows MSHTML platform with a CVSS score of 8.1.

Antivirus 111

Antivirus Engineering Security Defenses Cybersecurity 111

Security Boulevard

MAY 18, 2023

Nuspire’s latest threat report, which analyzes threat data from Q1 2023, revealed the record-breaking threat numbers clocked in 2022 are showing no signs of slowing in 2023. Read More The post Nuspire’s Q1 2023 Cyber Threat Report Shows Spike in Exploits, Botnets and Malware appeared first on Nuspire.

Threat Reports 59

Threat Reports Cyber threats Malware 59

Malwarebytes

AUGUST 11, 2023

The year is 2023 and there still are some people using Internet Explorer on planet Earth. More shocking perhaps, is the fact there are still threat actors maintaining exploit kit infrastructure and dropping new malware. The exploit kit is one of the delivery mechanisms for the PurpleFox malware.

Internet 94

Internet Internet Malware 94

Heimadal Security

JUNE 19, 2023

Mystic Stealer is an information-stealing malware that first emerged on hacking forums on April 2023. Details About Mystic Stealer The malware is rented for $150/month, or $390/ quarter, as announced on forums like WWH-Club, BHF, and XSS. The stealer gets more and more popular among cybercriminals as its features evolve.

Malware 85

Malware Hacking Cybersecurity 85

Heimadal Security

MAY 10, 2023

AndoryuBot new malware aims to infect unpatched Wi-Fi access points to enlist them in DDoS attacks. The flaw is tracked as CVE-2023-25717 and enables hackers to perform remote code execution (RCE) by sending unauthenticated HTTP GET requests to unpatched devices. […] The post Warning!

DDOS 102

DDOS Malware Wireless Cybersecurity 102

Heimadal Security

APRIL 18, 2023

Researchers recently discovered a new malware family named “Domino”, allegedly created by ITG14, also known as the FIN7 threat group. Reportedly, ex-Conti hackers have been using it since at least February 2023 to spread Project Nemesis info stealer or Cobalt Strike.

Malware 89

Malware Cybersecurity 89

Heimadal Security

MARCH 2, 2023

Two separate threat campaigns targeted six different law firms in January and February 2023, distributing GootLoader and FakeUpdates, also known as SocGholish malware. GootLoader is a first-stage downloader capable of delivering a wide range of secondary payloads such as Cobalt Strike and ransomware and has been active since late 2020.

Malware 95

Malware Ransomware Cybersecurity 95

Heimadal Security

JUNE 21, 2023

The Chinese hackers used the new malware in a campaign targeting foreign affairs ministries in the Americas, between 2022 – 2023.

Malware 102

Malware Marketing Government Cybersecurity 102

Heimadal Security

AUGUST 23, 2023

Department of Defense, as part of HiatusRAT Malware Campaign. HiatusRAT was first observed at the beginning of 2023, targeting organizations in Europe and Latin America. By March, […] The post New HiatusRAT Malware Campaign Targets U.S. Defense Department`s Server appeared first on Heimdal Security Blog.

Malware 82

Malware Government Cybersecurity 82

Heimadal Security

FEBRUARY 10, 2023

A new custom-made malware, the Screenshotter, surveils the victims before stealing data. The threat actor called TA886 is utilizing this malware to target users from the United States and Germany. Researchers first spotted the campaign in October 2022, but its activity increased in 2023.

Surveillance 85

Surveillance Malware Cybersecurity 85

Security Affairs

FEBRUARY 1, 2024

Mandiant spotted new malware used by a China-linked threat actor UNC5221 targeting Ivanti Connect Secure VPN and Policy Secure devices. Mandiant researchers discovered new malware employed by a China-linked APT group known as UNC5221 and other threat groups targeting Ivanti Connect Secure VPN and Policy Secure devices.

VPN 99

VPN Malware Authentication Hacking 99

Security Boulevard

NOVEMBER 20, 2023

HYAS Malware Detonations The milestone we’ve achieved this month is the re-tooling of our malware detonation infrastructure and the data pipeline that feeds many parts of HYAS Insight. First, we are now detonating and analyzing tens of thousands of malware samples per day on average. But I am getting ahead of myself.

Malware 72

Malware Spyware DNS Architecture 72

Security Affairs

MAY 9, 2023

Microsoft Patch Tuesday Security updates for May 2023 address a total of 40 vulnerabilities, including two zero-day actively exploited in attacks. Microsoft’s May 2023 security updates address 40 vulnerabilities, including two zero-day flaws actively exploited in attacks. This vulnerability is actively exploited in attacks.

Antivirus 94

Antivirus Malware Hacking Cybersecurity 94

Trend Micro

JANUARY 8, 2024

Pikabot is a loader with similarities to Qakbot that was used in spam campaigns during most of 2023. Our blog entry provides a technical analysis of this malware.

Malware 117

Malware Phishing 117

eSecurity Planet

SEPTEMBER 5, 2023

August 28, 2023 Ransomware Group Exploits Citrix NetScaler Vulnerability In July, Citrix released a patch for a critical remote code execution vulnerability ( CVE-2023-3519 ), which affected the company’s NetScaler ADC and NetScaler Gateway products and carried a severity rating of 9.8 out of 10 on the CVSS vulnerability scale.

VPN 103

VPN Authentication Ransomware Antivirus 103

SecureList

JANUARY 18, 2023

The threat landscape is constantly updated through new malware and spyware, advanced phishing methods, and new social engineering techniques. Last year, the cybersecurity of corporations and government agencies was more significant than ever before, and will become even more so in 2023. These add up to 144 million annually.

Media 106

Media Social Engineering Ransomware Hacking 106

Security Boulevard

JULY 18, 2023

Finding #1: 66% of malware is delivered through PDF The old adage about “tried-and-true” still holds firm regarding threat actors’ methods. The post 2023 Palo Alto Report: Top 3 Cybersecurity Threats to Look Out For appeared first on Security Boulevard. Commonly-used productivity.

Cybersecurity 98

Cybersecurity Malware 98

Security Affairs

MAY 3, 2023

Threat actors are using the promise of generative AI like ChatGPT to deliver malware, Facebook parent Meta warned. Threat actors are taking advantage of the huge interest in generative AI like ChatGPT to trick victims into installing malware, Meta warns. ” reads the Meta’s Q1 2023 Security Reports.

Malware 91

Malware Education Accountability Media 91

Security Affairs

APRIL 26, 2023

On March 7, 2023, the researchers found a Linux variant of the PingPull that was uploaded to VirusTotal, it had a very low detection rate (3 out of 62) “Despite a largely benign verdict, additional analysis has determined that this sample is a Linux variant of PingPull malware. ” reads the analysis published by Unit 42.

Malware 91

Malware Telecommunications Government VPN 91

CyberSecurity Insiders

MARCH 1, 2023

From early this year, two malware variants targeted almost 6-7 law firms spread through two separate incidents, alerting whole of the world about the lurking cyber threat. Both these malware families launched in January and February of this year, respectively.

Cyber threats 102

Cyber threats Malware Ransomware Cybersecurity 102

Heimadal Security

APRIL 24, 2023

The number of cyberattacks spreading EvilExtractor malware across Europe and the U.S. Researchers warn that threat actors used the data theft tool in a massive phishing campaign in March 2023. Details About EvilExtractor A company named […] The post The Incidence of EvilExtractor Malware Rises Across Europe and the U.S.

Malware 72

Malware Phishing Cybersecurity 72

Security Affairs

MAY 1, 2023

The previously undetected LOBSHOT malware is distributed using Google ads and gives operators VNC access to Windows devices. Threat actors are using an elaborate scheme of fake websites through Google Ads to spread their malware, the backdoors are embedded in installers for apparently legitimate applications, such as AnyDesk.

Malware 83

Malware Cybercrime Banking Software 83

Heimadal Security

MARCH 3, 2023

This advanced persistent threat (APT), also known as TA416 and Bronze President, targets organizations worldwide with customized versions of PlugX malware.

Malware 77

Malware Government Cybersecurity 77

eSecurity Planet

NOVEMBER 6, 2023

30, 2023 NGINX Ingress Controller for Kubernetes Flaws Can Lead to Credential Theft Type of Attack: Path sanitization bypass and injection vulnerabilities discovered in the NGINX Ingress controller can allow for credential theft, arbitrary command execution, and critical data access. CVE-2023-5044 (Code Injection): This CVSS score 7.6

Software 110

Software Education Ransomware Firmware 110

Security Affairs

MAY 4, 2023

Facebook discovered a new information-stealing malware, dubbed ‘NodeStealer,’ that is being distributed on Meta. NodeStealer is a new information-stealing malware distributed on Meta that allows stealing browser cookies to hijack accounts on multiple platforms, including Facebook, Gmail, and Outlook. environment.

Malware 89

Malware Accountability Advertising Education 89

Malwarebytes

JUNE 9, 2023

Known ransomware attacks by gang, May 2023 This isn't the first time this year a gang has overhauled LockBit and climbed to the top spot on our monthly charts. The gang's blog suggests it's open to targeting businesses of all sizes, so long as they aren't located in "Latin America, Africa, or other colonized countries." A new norm?

Ransomware 84

Ransomware Education Encryption Software 84

Security Boulevard

JANUARY 11, 2024

This became abundantly clear last year as malware attacks on IoT devices emerged as a fast-rising threat. In this blog post, we’ll explore the potential impact of IoT malware on the public sector — a story of innovation, risk, and the need for resilience. and East Asia.

IoT 75

IoT Malware Education Government 75

Security Boulevard

APRIL 25, 2023

There are also new alerts for post compromise to monitor internal IP actions for indicators of malware on customer’s networks. The post Netography Detection Model Release – April 24, 2023 appeared first on Netography. The post Netography Detection Model Release – April 24, 2023 appeared first on Security Boulevard.

Malware 59

Malware 59