
11 matches found

Microsoft Secure
added 2025/03/05 11:0 a.m. | 22 views

Silk Typhoon targeting IT supply chain

Executive summary: Microsoft Threat Intelligence identified a shift in tactics by Silk Typhoon, a Chinese espionage group, now targeting common IT solutions like remote management tools and cloud applications to gain initial access. While they haven't been observed directly targeting Microsoft...

CVSS: 10 | AI score: 9 | EPSS: 0.99999
Exploits: 138
The Hacker News
added 2024/12/20 8:39 a.m. | 6 views

Rspack npm Packages Compromised with Crypto Mining Malware in Supply Chain Attack

The developers of Rspack have revealed that two of their npm packages, @rspack/core and @rspack/cli, were compromised in a software supply chain attack that allowed a malicious actor to publish malicious versions to the official package registry with cryptocurrency mining malware. Following the...

AI score: 7.4
Exploits: 0
The Hacker News
added 2024/08/20 9:7 a.m. | 17 views

Iranian Cyber Group TA453 Targets Jewish Leader with New AnvilEcho Malware

Iranian state-sponsored threat actors have been observed orchestrating spear-phishing campaigns targeting a prominent Jewish figure starting in late July 2024 with the goal of delivering a new intelligence-gathering tool called AnvilEcho. Enterprise security company Proofpoint is tracking the...

AI score: 7.5
Exploits: 0
The Hacker News
added 2023/11/17 1:31 p.m. | 126 views

Beware: Malicious Google Ads Trick WinSCP Users into Installing Malware

Threat actors are leveraging manipulated search results and bogus Google ads that trick users who are looking to download legitimate software such as WinSCP into installing malware instead. Cybersecurity company Securonix is tracking the ongoing activity under the name SEOLURKER. "The malicious...

AI score: 7.4
Exploits: 0
The Hacker News
added 2023/01/11 2:24 p.m. | 37 views

Australian Healthcare Sector Targeted in Latest Gootkit Malware Attacks

A recent wave of Gootkit malware loader attacks has targeted the Australian healthcare sector by leveraging legitimate tools like VLC Media Player. Gootkit, also called Gootloader, is known to employ search engine optimization (SEO) poisoning tactics (aka spamdexing) for initial access. It typically...

AI score: 1.7
Exploits: 0
The Hacker News
added 2022/11/03 9:20 a.m. | 93 views

Hackers Using Rogue Versions of KeePass and SolarWinds Software to Distribute RomCom RAT

The operators of RomCom RAT malware are continuing to evolve their campaigns by distributing rogue versions of software such as SolarWinds Network Performance Monitor, KeePass password manager, and PDF Reader Pro via fake copycat websites. Targets of the operation consist of victims in Ukraine an...

AI score: 7.1
Exploits: 0
Microsoft Malware Protection
added 2021/05/20 5:0 p.m. | 59 views

Phorpiex morphs: How a longstanding botnet persists and thrives in the current threat environment

Phorpiex, an enduring botnet known for extortion campaigns and for using old-fashioned worms that spread via removable USB drives and instant messaging apps, began diversifying its infrastructure in recent years to become more resilient and to deliver more dangerous payloads. Today, the Phorpiex...

AI score: 0.5
Exploits: 0
Microsoft Secure
added 2019/11/07 9:5 p.m. | 3970 views

Microsoft works with researchers to detect and protect against new RDP exploits

On November 2, 2019, security researcher Kevin Beaumont reported that his BlueKeep honeypot experienced crashes and was likely being exploited. Microsoft security researchers collaborated with Beaumont as well as another researcher, Marcus Hutchins, to investigate and analyze the crashes and...

CVSS: 10 | AI score: 0.2 | EPSS: 0.99999
Exploits: 123
Malwarebytes
added 2018/11/20 4:51 p.m. | 65 views

Web skimmers compete in Umbro Brasil hack

Umbro, the popular sportswear brand, has had their Umbro Brasil website hacked and injected with not one but two web skimmers that are part of the Magecart group. Magecart has become a household name in recent months due to high-profile attacks on various merchant websites. Criminals can seamlessly steal...

AI score: 7
Exploits: 0
ThreatPost
added 2018/09/05 9:4 p.m. | 16 views

OilRig Sends an OopsIE to Mideast Government Targets

The OilRig group is back, using a reboot of the OopsIE trojan to pump information from its favorite resource: entities in the Middle East region. OilRig, which is also called Cobalt Gypsy, Crambus, Helix Kitten or APT34, is suspected of having ties to Iran. The group was identified in 2015 and is...

AI score: 0.7
Exploits: 0 | References: 5
FireEye
added 2018/03/13 12:15 p.m. | 515 views

Iranian Threat Group Updates Tactics, Techniques and Procedures in Spear Phishing Campaign

Introduction: From January 2018 to March 2018, through FireEye’s Dynamic Threat Intelligence, we observed attackers leveraging the latest code execution and persistence techniques to distribute malicious macro-based documents to individuals in Asia and the Middle East. We attribute this activity t...

AI score: 7.8
Exploits: 0