51 matches found
Watering Hole Attack Targets EmEditor Users with Information-Stealing Malware
TrendAI™ Research provides a technical analysis of a compromised EmEditor installer used to deliver multistage malware that performs a range of malicious actions...
Operation SyncHole: Lazarus APT goes back to the well
We have been tracking the latest attack campaign by the Lazarus group since last November, as it targeted organizations in South Korea with a sophisticated combination of a watering hole strategy and vulnerability exploitation within South Korean software. The campaign, dubbed "Operation SyncHole...
Watering Hole Attack on Kurdish Sites Distributing Malicious APKs and Spyware
As many as 25 websites linked to the Kurdish minority have been compromised as part of a watering hole attack designed to harvest sensitive information for over a year and a half. French cybersecurity firm Sekoia, which disclosed details of the campaign dubbed SilentSelfie, described the intrusio...
Russian Hackers Exploit Safari and Chrome Flaws in High-Profile Cyberattack
Cybersecurity researchers have flagged multiple in-the-wild exploit campaigns that leveraged now-patched flaws in Apple Safari and Google Chrome browsers to infect mobile users with information-stealing malware. "These campaigns delivered n-day exploits for which patches were available, but would...
Stealthy Kamran Spyware Targeting Urdu-speaking Users in Gilgit-Baltistan
Urdu-speaking readers of a regional news website that caters to the Gilgit-Baltistan region have likely emerged as a target of a watering hole attack designed to deliver a previously undocumented Android spyware dubbed Kamran. The campaign, ESET has discovered, leverages Hunza News...
North Korean Kimsuky Hackers Strike Again with Advanced Reconnaissance Malware
The North Korean advanced persistent threat APT group known as Kimsuky has been observed using a piece of custom malware called RandomQuery as part of a reconnaissance and information exfiltration operation. "Lately, Kimsuky has been consistently distributing custom malware as part of...
PT-2023-7358 · Dreamsecurity · Dreamsecurity Magicline4Nx
Name of the Vulnerable Software and Affected Versions: DreamSecurity MagicLine4NX versions 1.0.0.1 through 1.0.0.26 Description: The issue is related to a buffer overflow vulnerability. This vulnerability can be exploited by a remote attacker to gain unauthorized access to protected information a...
APT Earth Kitsune delivers new WhiskerSpy malware via watering hole attack
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Earth Kitsune, an advanced persistent threat APT actor known for targeting individuals interested in North Korea, also China, Brazil, and Japan and has been found to be using a new backdoor called...
Chinese LuoYu Hackers Using Man-on-the-Side Attacks to Deploy WinDealer Backdoor
An "extremely sophisticated" Chinese-speaking advanced persistent threat APT actor dubbed LuoYu has been observed using a malicious Windows tool called WinDealer that's delivered by means of man-on-the-side attacks. "This groundbreaking development allows the actor to modify network traffic...
Hackers Infect macOS with New DazzleSpy Backdoor in Watering-Hole Attacks
A previously undocumented cyber-espionage malware aimed at Apple's macOS operating system leveraged a Safari web browser exploit as part of a watering hole attack targeting politically active, pro-democracy individuals in Hong Kong. Slovak cybersecurity firm ESET attributed the intrusion to an...
New Chinotto Spyware Targets North Korean Defectors, Human Rights Activists
North Korean defectors, journalists who cover North Korea-related news, and entities in South Korea are being zeroed in on by a nation-state-sponsored advanced persistent threat APT as part of a new wave of highly-targeted surveillance attacks. Russian cybersecurity firm Kaspersky attributed the...
Mac Zero Day Targets Apple Devices in Hong Kong
Since at least late August, attackers have been using flaws in macOS and iOS – including in-the-wild use of what was then a zero-day flaw – to install a backdoor on the Apple devices of users who visited Hong Kong-based media and pro-democracy sites. This isn’t a finely targeted campaign, but it’...
BIOPASS RAT: New Malware Sniffs Victims via Live Streaming
We discovered a new malware that targets online gambling companies in China via a watering hole attack, in which visitors are tricked into downloading a malware loader disguised as a legitimate installer for well-known apps such as Adobe Flash Player or Microsoft Silverlight...
Watering Hole Attack Was Used to Target Florida Water Utilities
An investigation undertaken in the aftermath of the Oldsmar water plant hack earlier this year has revealed that an infrastructure contractor in the U.S. state of Florida hosted malicious code on its website in what's known as a watering hole attack. "This malicious code seemingly targeted water...
Sophisticated Watering Hole Attack
Googles Project Zero has exposed a sophisticated watering-hole attack targeting both Windows and Android: Some of the exploits were zero-days, meaning they targeted vulnerabilities that at the time were unknown to Google, Microsoft, and most outside researchers both companies have since patched t...
Introducing the In-the-Wild Series
This is part 1 of a 6-part series detailing a set of vulnerabilities found by Project Zero being exploited in the wild. To read the other parts of the series, head to the bottom of this post. At Project Zero we often refer to our goal simply as “make 0-day hard”. Members of the team approach this...
Browser Bugs Exploited to Install 2 New Backdoors on Targeted Computers
Cybersecurity researchers have disclosed details about a new watering hole attack targeting the Korean diaspora that exploits vulnerabilities in web browsers such as Google Chrome and Internet Explorer to deploy malware for espionage purposes. Dubbed "Operation Earth Kitsune" by Trend Micro, the...
Holy water: ongoing targeted water-holing attack in Asia
On December 4, 2019, we discovered watering hole websites that were compromised to selectively trigger a drive-by download attack with fake Adobe Flash update warnings. This campaign has been active since at least May 2019, and targets an Asian religious and ethnic group. The threat actor's...
Using MixMode and Carbon Black to Spot a Watering Hole Attack
For those not familiar with watering hole attacks, they are attacks on a specific place—such as a restaurant—that many people visit. They generally involve malicious code being injected into an iframe on the company’s website. In the case of a restaurant, for example, the online menu would be a...
Chinese hackers attack National Data Center using watering hole attack
By Waqas The IT security researchers at Kaspersky Lab have published a This is a post from HackRead.com Read the original post: Chinese hackers attack National Data Center using watering hole attack...