19 matches found
MAL-2026-5683 Malicious code in trongapy (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0fa840452c4774ec07d74bbed23fbe1c848a2d83303df3f028e73af31045b495 The package's only public function, permprivatekey in trongapy/main.py, unconditionally POSTs the caller-supplied Tron private key as JSON to a...
Iran’s MuddyWater Hackers Target US Firms with New Dindoor Backdoor
Researchers say Iran's MuddyWater hackers targeted US companies and an Israeli software firm’s department in a cyber campaign using the Dindoor malware - All this amid the ongoing conflict...
16 Fake ChatGPT Extensions Caught Hijacking User Accounts
A coordinated campaign of 16 malicious GPT optimisers has been caught hijacking ChatGPT accounts. These tools steal session tokens to access private chats, Slack, and Google Drive files...
Chinese-Speaking Hacker Group Targets Human Rights Studies in Middle East
Unnamed government entities in the Middle East and Malaysia are the target of a persistent cyber campaign orchestrated by a threat actor known as Tropic Trooper since June 2023. "Sighting this group's Tactics, Techniques, and Procedures in critical governmental entities in the Middle East,...
DDoS Attacks Hit France Over Telegram’s Pavel Durov Arrest
Hacktivists unite for the FreeDurov campaign to launch a massive cyber campaign against France in response to Telegram…...
North Korean Hackers Deploy New MoonPeak Trojan in Cyber Campaign
A new remote access trojan called MoonPeak has been discovered as being used by a state-sponsored North Korean threat activity cluster as part of a new campaign. Cisco Talos attributed the malicious cyber campaign to a hacking group it tracks as UAT-5394, which it said exhibits some level of...
Iran's MuddyWater Targets Israel in New Spear-Phishing Cyber Campaign
The Iranian nation-state actor known as MuddyWater has been linked to a new spear-phishing campaign targeting two Israeli entities to ultimately deploy a legitimate remote administration tool from N-able called Advanced Monitoring Agent. Cybersecurity firm Deep Instinct, which disclosed details o...
Lazarus Unleash SIGNBT Malware in Latest Campaign
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The Lazarus Group has been identified as the mastermind behind a recent cyber campaign. They persistently targeted a software vendor, successfully compromising the vendors systems by exploiting software...
Iran-Linked OilRig Targets Middle East Governments in 8-Month Cyber Campaign
The Iran-linked OilRig threat actor targeted an unnamed Middle East government between February and September 2023 as part of an eight-month-long campaign. The attack led to the theft of files and passwords and, in one instance, resulted in the deployment of a PowerShell backdoor called...
Researchers Expose Space Pirates' Cyber Campaign Across Russia and Serbia
The threat actor known as Space Pirates has been linked to attacks against at least 16 organizations in Russia and Serbia over the past year by employing novel tactics and adding new cyber weapons to its arsenal. "The cybercriminals' main goals are still espionage and theft of confidential...
Cybercriminals Hijacking Vulnerable SSH Servers in New Proxyjacking Campaign
An active financially motivated campaign is targeting vulnerable SSH servers to covertly ensnare them into a proxy network. "This is an active campaign in which the attacker leverages SSH for remote access, running malicious scripts that stealthily enlist victim servers into a peer-to-peer P2P...
Researchers Uncover Powerful Backdoor and Custom Implant in Year-Long Cyber Campaign
Government, aviation, education, and telecom sectors located in South and Southeast Asia have come under the radar of a new hacking group as part of a highly-targeted campaign that commenced in mid-2022 and continued into the first quarter of 2023. Symantec, by Broadcom Software, is tracking the...
Ukraine Hit with New Golang-based 'SwiftSlicer' Wiper Malware in Latest Cyber Attack
Ukraine has come under a fresh cyber onslaught from Russia that involved the deployment of a previously undocumented Golang-based data wiper dubbed SwiftSlicer. ESET attributed the attack to Sandworm, a nation-state group linked to Military Unit 74455 of the Main Intelligence Directorate of the...
The Top 5 Russian Cyber Threat Actors to Watch
This post was updated on March 10, 2022 to include a section on the Conti Ransomware Group. As we continue to monitor the situation between Russia and Ukraine – and the potential for global cybersecurity impacts – we realize that our customers and other business and industry stakeholders may be...
'Lone Wolf' Hacker Group Targeting Afghanistan and India with Commodity RATs
A new malware campaign targeting Afghanistan and India is exploiting a now-patched, 20-year-old flaw affecting Microsoft Office to deploy an array of commodity remote access trojans RATs that allow the adversary to gain complete control over the compromised endpoints. Cisco Talos attributed the...
NSA, FBI Reveal Hacking Methods Used by Russian Military Hackers
An ongoing brute-force attack campaign targeting enterprise cloud environments has been spearheaded by the Russian military intelligence since mid-2019, according to a joint advisory published by intelligence agencies in the U.K. and U.S. The National Security Agency NSA, Cybersecurity and...
Malwarebytes Hit by SolarWinds Attackers
Malwarebytes is the latest discovered victim of the SolarWinds hackers, the security company said – except that it wasn’t targeted through the SolarWinds platform. “While Malwarebytes does not use SolarWinds, we, like many other companies were recently targeted by the same threat actor,” it...
ACSC Releases Advisory on Cyber Campaign using Copy-Paste Compromises
The Australian Cyber Security Centre ACSC has released an advisory regarding an ongoing cyber campaign involving “copy-paste compromises” targeting Australian government and commercial networks. According to the advisory, a sophisticated malicious cyber actor is carrying out the campaign using...
Anonymous Hacking Group Takes Down 20,000 ISIS Twitter accounts
In the wake of horrific terror attacks in Paris, the online Hacktivist group Anonymous last week declared "total war" against the Islamic State militant group ISIS that claimed responsibility for the attacks. While French, Russian, and US military are bombing ISIS from the sky, Anonymous members...