15 matches found
Custom vs. Off-the-shelf Educational Software
Educational institutions and businesses looking to implement technology-driven learning solutions often face a key decision: should they invest…...
New Docker Malware Steals CPU for Crypto & Drives Fake Website Traffic
Vulnerable Docker services are being targeted by a novel campaign in which the threat actors are deploying XMRig cryptocurrency miner as well as the 9Hits Viewer software as part of a multi-pronged monetization strategy. "This is the first documented case of malware deploying the 9Hits applicatio...
DarkGate Malware Activity Spikes as Developer Rents Out Malware to Affiliates
A new malspam campaign has been observed deploying an off-the-shelf malware called DarkGate. "The current spike in DarkGate malware activity is plausible given the fact that the developer of the malware has recently started to rent out the malware to a limited number of affiliates," Telekom...
Andariel’s silly mistakes and a new malware family
Introduction Andariel, a part of the notorious Lazarus group, is known for its use of the DTrack malware and Maui ransomware in mid-2022. During the same period, Andariel also actively exploited the Log4j vulnerability as reported by Talos and Ahnlab. Their campaign introduced several new malware...
Hackers Using Stolen Bank Information to Trick Victims into Downloading BitRAT Malware
A new malware campaign has been observed using sensitive information stolen from a bank as a lure in phishing emails to drop a remote access trojan called BitRAT. The unknown adversary is believed to have hijacked the IT infrastructure of a Colombian cooperative bank, using the information to cra...
OPERA1ER APT Hackers Targeted Dozens of Financial Organizations in Africa
A French-speaking threat actor dubbed OPERA1ER has been linked to a series of more than 30 successful cyber attacks aimed at banks, financial services, and telecom companies across Africa, Asia, and Latin America between 2018 and 2022. According to Singapore-headquartered cybersecurity company...
Hackers Repeatedly Targeting Financial Services in French-Speaking African Countries
Major financial and insurance companies located in French-speaking nations in Africa have been targeted over the past two years as part of a persistent malicious campaign codenamed DangerousSavanna. Countries targeted include Ivory Coast, Morocco, Cameroon, Senegal, and Togo, with the...
Hackers Use ModernLoader to Infect Systems with Stealers and Cryptominers
As many as three disparate but related campaigns between March and Jun 2022 have been found to deliver a variety of malware, including ModernLoader, RedLine Stealer, and cryptocurrency miners onto compromised systems. "The actors use PowerShell, .NET assemblies, and HTA and VBS files to spread...
Latest Firefox 95 Includes RLBox Sandboxing to Protect Browser from Malicious Code
Mozilla is beginning to roll out Firefox 95 with a new sandboxing technology called RLBox that prevents untrusted code and other security vulnerabilities from causing "accidental defects as well as supply-chain attacks." Dubbed "RLBox" and implemented in collaboration with researchers at the...
CVE-2021-38398
The affected device uses off-the-shelf software components that contain unpatched vulnerabilities. A malicious attacker with physical access to the affected device could exploit these vulnerabilities...
Travel Management System 1.0 Remote Code Execution Exploit
Exploit for php platform in category web applications Exploit Title: Travel Management System v1.0 - Unauthenticated Remote Code Execution Exploit Author: Adeeb Shah @hyd3sec & Bobby Cooke boku Vulnerability Discovery: Adeeb Shah @hyd3sec Date: August 10, 2020 Vendor Homepage:...
The Phishing Industry
As I mentioned in my previous blog post, phishing attacks are now being created and executed on an industrial scale. Malicious actors are increasingly using highly sophisticated off-the-shelf phishing kits that allow them to deliver very targeted, short-lived attacks. These campaigns direct victi...
Spy Planes Equipped with Dirtbox Devices Collecting Smartphone Data
The U.S. government is reportedly using spy airplanes equipped with special military-grade snooping equipment to eavesdrop on cell phone information from millions of smartphone users in U.S, according to a new report. This little device, nicknamed "Dirtbox", is being used to mimic mobile phone...
NSA Develops New, Super-Secure Android Phone
The U.S. National Security Agency NSA released the specifications for a new, super-secure smartphone for use by government officials and based on Google’s widely-used Android operating system, inviting the public to make use of its research. The intelligence agency produced a limited run of about...
Kernel.org Server Rooted and 448 users credentials compromised
Kernel.org Server Rooted and 448 users credentials compromised The main kernel.org page is currently carrying a notice that the site has suffered a security breach. "Earlier this month, a number of servers in the kernel.org infrastructure were compromised. We discovered this August 28th. While we...