New Glutton Malware Exploits Popular PHP Frameworks Like Laravel and ThinkPHP

Cybersecurity researchers have discovered a new PHP-based backdoor called Glutton that has been put to use in cyber attacks targeting China, the United States, Cambodia, Pakistan, and South Africa. QiAnXin XLab, which discovered the malicious activity in late April 2024, attributed the previously...

Chinese RedGolf Group Targeting Windows and Linux Systems with KEYPLUG Backdoor

A Chinese state-sponsored threat activity group tracked as RedGolf has been attributed to the use of a custom Windows and Linux backdoor called KEYPLUG. "RedGolf is a particularly prolific Chinese state-sponsored threat actor group that has likely been active for many years against a wide range o...

Blackfly Chinese APT targets Asian conglomerate in materials sector

Threat Level Actor Report Follow Hive Pro for a detailed threat advisory, download the pdf file here from HiveForce Labs. Summary The Blackfly espionage group, also known as APT41, Winnti Group, or Bronze Atlas, has been targeting multiple subsidiaries of an Asian conglomerate operating in the...

Chinese Hackers Caught Stealing Intellectual Property from Multinational Companies

An elusive and sophisticated cyberespionage campaign orchestrated by the China-backed Winnti group has managed to fly under the radar since at least 2019. Dubbed "Operation CuckooBees" by Israeli cybersecurity company Cybereason, the massive intellectual property theft operation enabled the threa...

US Media, Retailers Targeted by New SparklingGoblin APT

An emerging international cybergang is broadening its targets to include North American media firms, universities and one computer retailer. The advanced persistent threat APT group is new, according to researchers who dubbed it SparklingGoblin. Also new is a novel backdoor technique, called...

Hackers Spread BIOPASS Malware via Chinese Online Gambling Sites

Cybersecurity researchers are warning about a new malware that's striking online gambling companies in China via a watering hole attack to deploy either Cobalt Strike beacons or a previously undocumented Python-based backdoor called BIOPASS RAT that takes advantage of Open Broadcaster Software OB...

Black Hat 2020: Linux Spyware Stack Ties Together 5 Chinese APTs

A stack of Linux backdoor malware used for espionage, compiled dynamically and customizable to specific targets, is being used as a shared resource by five different Chinese-language APT groups, according to researchers. According to an analysis from BlackBerry released at Black Hat 2020 on...

A week in security (January 27 – February 2)

Last week on Malwarebytes Labs, we looked at the strengths and weaknesses of the Zero Trust model, gave you the low-down on spear phishing, and took a delve into the world of securing the managed service provider MSP. Other cybersecurity news UN compromised via Sharepoint hack: An extraordinary...

Stealthy Microsoft SQL Server Backdoor Malware Spotted in the Wild

Cybersecurity researchers claim to have discovered a previously undocumented backdoor specifically designed for Microsoft SQL servers that could allow a remote attacker to control an already compromised system stealthily. Dubbed Skip-2.0 , the backdoor malware is a post-exploitation tool that run...

Stealthy Microsoft SQL Server Backdoor Malware Spotted in the Wild

Cybersecurity researchers claim to have discovered a previously undocumented backdoor specifically designed for Microsoft SQL servers that could allow a remote attacker to control an already compromised system stealthily. Dubbed Skip-2.0, the backdoor malware is a post-exploitation tool that runs...

This Week in Security News

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. Below you’ll find a quick recap of topics followed by links to news articles and/or our blog posts providing additional insight. Be sure to check back...