7 matches found
IT threat evolution in Q2 2023
IT threat evolution in Q2 2023 IT threat evolution in Q2 2023. Non-mobile statistics IT threat evolution in Q2 2023. Mobile statistics Targeted attacks Gopuram backdoor deployed through 3CX supply-chain attack Earlier this year, a Trojanized version of the 3CXDesktopApp, a popular VoIP program, w...
Meet the GoldenJackal APT group. Don’t expect any howls
GoldenJackal is an APT group, active since 2019, that usually targets government and diplomatic entities in the Middle East and South Asia. Despite the fact that they began their activities years ago, this group is generally unknown and, as far as we know, has not been publicly described. We...
FAQ: Mitigating Microsoft Office’s ‘Follina’ zero-day
On Monday May 30, 2022, Microsoft issued CVE-2022-30190 for a zero-day remote code vulnerability, Follina, already being exploited in the wild via malicious Word documents. Q: What exactly is Follina? A: Follina is the nickname given to a new vulnerability discovered as a zero-day and identified ...
IAmTheKing and the SlothfulMedia malware family
On October 1, 2020, the DHS CISA agency released information about a malware family called SlothfulMedia, which they attribute to a sophisticated threat actor. We have been tracking this set of activity through our private reporting service, and we would like to provide the community with...
New Trickbot Variant Touts Stealthy Code-Injection Trick
Trickbot has been around since 2016 – but a new variant of the infamous financial trojan has caught the eyes of researchers with a stealthy code-injection technique. Researchers at Cyberbit this week said that they have found a new Trickbot iteration that features a sneaky method of performing...
Attack on Critical Infrastructure Leverages Template Injection
Contributors: Sean Baird, Earl Carter, Erick Galinkin, Christopher Marczewski & Joe Marshall Executive SummaryAttackers are continually trying to find new ways to target users with malware sent via email. Talos has identified an email-based attack targeting the energy sector, including nuclear...
Watch Out! First-Ever Word Macro Malware for Apple Mac OS Discovered in the Wild
After targeting Windows-based computers over the past few years, hackers are now shifting their interest to Macs as well. The emergence of the first macro-based Word document attack against Apple's macOS platform is the latest example to prove this. The concept of Macros dates back to 1990s. You...