This site uses cookies to improve your experience. By viewing our content, you are accepting the use of cookies. To help us insure we adhere to various privacy regulations, please select your country/region of residence. If you do not select a country we will assume you are from the United States. View our privacy policy and terms of use.

Remove vulnerabilities-threats lazarus-group-builds-its-first-macos-malware
article thumbnail

Security Affairs newsletter Round 416 by Pierluigi Paganini – International edition

Security Affairs

APRIL 23, 2023

Abandoned Eval PHP WordPress plugin abused to backdoor websites CISA adds MinIO, PaperCut, and Chrome bugs to its Known Exploited Vulnerabilities catalog At least 2 critical infrastructure orgs breached by North Korea-linked hackers behind 3CX attack American Bar Association (ABA) suffered a data breach,1.4

Spyware 71
Spyware Ransomware Malware Data breaches 71
article thumbnail

3CX Desktop App Supply Chain Attack Targets Millions – Known Facts and First Expert Comments

CyberSecurity Insiders

MARCH 30, 2023

The trojanized 3CX desktop app serves as the first stage of a multi-stage attack chain that pulls ICO files appended with Base64 data from GitHub, ultimately leading to a third-stage infostealer DLL. The attack affects the Windows Electron client (versions 18.12.407 and 18.12.416) and macOS versions of the PBX phone system.

Software 93
Software Risk Malware CISO 93
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Trending Sources

article thumbnail

IT threat evolution in Q2 2023

SecureList

AUGUST 30, 2023

IT threat evolution in Q2 2023 IT threat evolution in Q2 2023. Non-mobile statistics IT threat evolution in Q2 2023. While investigating an infection of a cryptocurrency company in Southeast Asia, we found Gopuram coexisting on target computers with AppleJeus , a backdoor attributed to the Lazarus.

Malware 73
Malware Spyware Cryptocurrency Government 73
article thumbnail

North Korean APT Uses Fake Job Offers as Linux Malware Lure

SecureWorld News

APRIL 21, 2023

ESET researchers have discovered a new Lazarus Group campaign targeting Linux users. According to a recent blog post : "Operation DreamJob is the name for a series of campaigns where the group uses social engineering techniques to compromise its targets, with fake job offers as the lure.

Malware 76
Malware Social Engineering Password Management IoT 76
article thumbnail

APT trends report Q2 2023

SecureList

JULY 27, 2023

For more than six years, the Global Research and Analysis Team (GReAT) at Kaspersky has been publishing quarterly summaries of advanced persistent threat (APT) activity. Kaspersky employees were also affected by this threat. Cyberattacks have spiked and various hacktivist groups have taken sides.

Malware 84
Malware Government Phishing Social Engineering 84
article thumbnail

APT annual review 2021

SecureList

NOVEMBER 30, 2021

In the Global Research and Analysis Team at Kaspersky, we track the ongoing activities of more than 900 advanced threat actors and activity clusters; you can find our quarterly overviews here , here and here. Private sector vendors play a significant role in the threat landscape.

Malware 101
Malware Mobile Spyware Surveillance 101
article thumbnail

IT threat evolution Q1 2021

SecureList

MAY 31, 2021

In December, SolarWinds, a well-known IT managed services provider, fell victim to a sophisticated supply-chain attack. The company’s Orion IT, a solution for monitoring and managing customers’ IT infrastructure, was compromised by threat actors. Lazarus targets the defence industry.

Malware 94
Malware Adware Encryption Architecture 94
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

 

Stay Connected

Join 29,000+ Insiders by signing up for our newsletter

About
Webinars
About
Editions
Webinars
Editions
Topics
Powered by Aggregage | Terms and Conditions | Your California Rights and Privacy Policy
© Aggregage 2024