94 matches found
Chinese Hackers Unleashes MQsTTang Backdoor Against Govt Entities
By Deeba Ahmed The new MQTTang backdoor is capable of evading detection, making it an even bigger threat to victims. This is a post from HackRead.com Read the original post: Chinese Hackers Unleashes MQsTTang Backdoor Against Govt Entities...
2023 Browser Security Report Uncovers Major Browsing Risks and Blind Spots
As a primary working interface, the browser plays a significant role in today's corporate environment. The browser is constantly used by employees to access websites, SaaS applications and internal applications, from both managed and unmanaged devices. A new report published by LayerX, a browser...
2023 Browser Security Report Uncovers Major Browsing Risks and Blind Spots
As a primary working interface, the browser plays a significant role in today's corporate environment. The browser is constantly used by employees to access websites, SaaS applications and internal applications, from both managed and unmanaged devices. A new report published by LayerX, a browser...
Webinar — A MythBusting Special: 9 Myths about File-based Threats
Bad actors love to deliver threats in files. Persistent and persuasive messages convince unsuspecting victims to accept and open files from unknown sources, executing the first step in a cyber attack. This continues to happen whether the file is an EXE or a Microsoft Excel document. Far too often...
Experts Warn of 'Beep' - A New Evasive Malware That Can Fly Under the Radar
Cybersecurity researchers have unearthed a new piece of evasive malware dubbed Beep that's designed to fly under the radar and drop additional payloads onto a compromised host. "It seemed as if the authors of this malware were trying to implement as many anti-debugging and anti-VM anti-sandbox...
Experts Warn of 'Beep' - A New Evasive Malware That Can Fly Under the Radar
Cybersecurity researchers have unearthed a new piece of evasive malware dubbed Beep that's designed to fly under the radar and drop additional payloads onto a compromised host. "It seemed as if the authors of this malware were trying to implement as many anti-debugging and anti-VM anti-sandbox...
Rhadamanthys: A New Evasive Information Stealer
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Rhadamanthys Evasive Infostealer is spread through phishing emails and prevalent Google ads that lead to fake download pages for popular workforce software...
BATLOADER- Evasive Malware leverages SEO poisoning
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary "BatLoader" dropper is used to dispense a range of malware tools on victim devices, including a banking Trojan, an information stealer, and the Cobalt Strike post-exploit toolkit. BatLoader malware actor...
Evasive Shikitega Linux malware drops Monero cryptominer
Researchers from the AT&T Alien Labs Resarch have discovered a new and stealthy Linux malware it's dubbed Shikitega. Once it's on a machine or device, Shitega executes a "multistage infection chain" involving small files, a couple of vulnerabilities, and the use of Mettle, a portable Metasploit...
Researchers Detail Evasive DarkTortilla Crypter Used to Deliver Malware
A .NET-based evasive crypter named DarkTortilla has been used by threat actors to distribute a broad array of commodity malware as well as targeted payloads like Cobalt Strike and Metasploit, likely since 2015. "It can also deliver 'add-on packages' such as additional malicious payloads, benign...
Hive Ransomware Upgrades to Rust for More Sophisticated Encryption Method
The operators of the Hive ransomware-as-a-service RaaS scheme have overhauled their file-encrypting software to fully migrate to Rust and adopt a more sophisticated encryption method. "With its latest variant carrying several major upgrades, Hive also proves it's one of the fastest evolving...
Linux Malware Deemed ‘Nearly Impossible’ to Detect
A new Linux malware that’s “nearly impossible to detect” can harvest credentials and gives attackers remote access and rootkit functionality by acting in a parasitic way to infect targets, researchers said. Researchers from The BlackBerry Research and Intelligence Team have been tracking the...
New Syslogk Linux Rootkit Lets Attackers Remotely Command It Using "Magic Packets"
A new covert Linux kernel rootkit named Syslogk has been spotted under development in the wild and cloaking a malicious payload that can be remotely commandeered by an adversary using a magic network traffic packet. "The Syslogk rootkit is heavily based on Adore-Ng but incorporates new...
Quick and Simple: BPFDoor Explained
BPFDoor isn't new to the cyberattack game — in fact, it's gone undetected for years — but PwC researchers discovered the piece of malware in 2021. Subsequently, the cybersecurity community is learning more about the stealthy nature of malware, how it works, and how it can be prevented. What's...
Evasive Bots Drive Online Fraud – 2022 Imperva Bad Bot Report
The 2022 Imperva Bad Bot Report is now available. The report is the ninth annual in-depth analysis of bot traffic, created with data collected from Impervas global network throughout the past year by the Imperva Threat Research Team. Bad bots are software applications that run automated tasks wit...
CAPEv2 - Malware Configuration And Payload Extraction
CAPE is a malware sandbox. It was derived from Cuckoo with the goal of adding automated malware unpacking and config extraction - hence its name is an acronym: 'Config And Payload Extraction'. Automated unpacking allows classification based on Yara signatures to complement network Suricata and...
Hackers Using New Evasive Technique to Deliver AsyncRAT Malware
A new, sophisticated phishing attack has been observed delivering the AsyncRAT trojan as part of a malware campaign that's believed to have commenced in September 2021. "Through a simple email phishing tactic with an HTML attachment, threat attackers are delivering AsyncRAT a remote access trojan...
BHUNT password stealer targets crypto wallets through cracked software
By Deeba Ahmed BHUNT is being regarded as an evasive crypto wallet stealer, just like previously identified Redline Stealer and CryptBot.… This is a post from HackRead.com Read the original post: BHUNT password stealer targets crypto wallets through cracked software...
Cryptomining Attack Exploits Docker API Misconfiguration Since 2019
Hackers behind a cryptomining campaign have managed to avoid detection since 2019. The attacks exploited misconfigured Docker APIs that allowed them to gain network entry and ultimately sets up a backdoor on compromised hosts to mine cryptocurrency, researchers said. The attack technique is...
New BLISTER Malware Using Code Signing Certificates to Evade Detection
Cybersecurity researchers have disclosed details of an evasive malware campaign that makes use of valid code signing certificates to sneak past security defenses and stay under the radar with the goal of deploying Cobalt Strike and BitRAT payloads on compromised systems. The binary, a loader, has...