Transparent Tribe Uses AI to Mass-Produce Malware Implants in Campaign Targeting India
The Pakistan-aligned threat actor known as Transparent Tribe has become the latest hacking group to embrace artificial intelligence (AI)-powered coding tools to strike targets with various implants. The activity is designed to produce a "high-volume, mediocre mass of implants" that are developed...
Dero miner zombies biting through Docker APIs to build a cryptojacking horde
Introduction: Imagine a container zombie outbreak where a single infected container scans the internet for an exposed Docker API, and bites (exploits) it by creating new malicious containers and compromising the running ones, thus transforming them into new "zombies" that will mine for Dero currency...
MagicRAT: Lazarus’ latest gateway into victim networks
By Jung soo An, Asheer Malhotra and Vitor Ventura. Cisco Talos has discovered a new remote access trojan (RAT) we're calling "MagicRAT," developed and operated by the Lazarus APT group, which the U.S. government believes is a North Korean state-sponsored actor. Lazarus deployed MagicRAT after the...
Experts Uncover New 'CosmicStrand' UEFI Firmware Rootkit Used by Chinese Hackers
An unknown Chinese-speaking threat actor has been attributed to a new kind of sophisticated Unified Extensible Firmware Interface (UEFI) firmware rootkit called CosmicStrand. "The rootkit is located in the firmware images of Gigabyte or ASUS motherboards, and we noticed that all these images are...
VirusTotal Firmware Malware Implant Scanning
Successful attacks against firmware are rare but provide hackers with one thing they covet most: persistence. Advanced attack groups have already accelerated their capabilities in finding ways to burrow into the BIOS and EFI as noted by the Snowden leaks’ description of the NSA’s attempts to...
Sofacy APT28 Gang Using New Backdoors, Zero Days
A new analysis of the Sofacy APT gang, a Russian-speaking group carrying out targeted attacks against military and government offices for close to a decade, shows a relentless wave of intrusions peaking this summer against victims in a number of NATO countries and the Ukraine. Researchers at...
NSA Targets Sys Admins to Access Networks
The latest set of Snowden documents reveals details on perhaps the biggest no-brainer from the National Security Agency’s point of view during these nine months of leaks: the targeting of system administrators. Classified presentations, documents and notes portray the NSA as confident and...