Computer Security
RotBot Malware Used on Asian Victims
A suspected threat actor of Vietnamese origin has been observed targeting individuals in various Asian and Southeast Asian nations with malicious software aimed at extracting valuable data since at least May 2023.... Read more
HackBrowserData Infostealer Malware Uses in Attacks on Indian Entities
Researchers have exposed a fresh espionage attempt directed at Indian governmental bodies and the nation's energy sector, employing a modified edition of an open-source data pilfering tool named HackBrowserData. This... Read more
WINELOADER Backdoor Deployed Against German Targets
Russian-affiliated threat actors have deployed the WINELOADER backdoor in recent cyber assaults directed at German political organizations. In late February 2024, researchers from Mandiant identified the... Read more
AceCryptor Malware Use Surges in Europe
Thousands of fresh infections linked to the AceCryptor tool — which enables hackers to conceal malware and infiltrate systems undetected by antivirus software — have been uncovered in a concerted effort targeting... Read more
PixPirate Banking Trojan Targets Android Devices
The PixPirate Android banking trojan's operators have adopted a novel tactic to elude detection on compromised devices and gather sensitive data from users in Brazil. According to IBM's recent technical report, this... Read more
CVE-2023-6000 XSS Vulnerability Used to Target Over 3,000 Sites
A recent upswing in attacks originating from a new malware campaign is exploiting a well-known vulnerability in the WordPress plugin Popup Builder, affecting more than 3,300 websites through XSS attacks. The Balada... Read more
DinodasRAT Linux Version Used in Asian Countries
Security researchers revealed the emergence of a Linux iteration of DinodasRAT, a versatile backdoor malware, spotted in the wild targeting regions including China, Taiwan, Turkey, and Uzbekistan. DinodasRAT, also... Read more
Darcula Phishing Kit Linked to Chinese Threat Actor
The Chinese-operated 'darcula' platform, specializing in Phishing-as-a-Service (PhaaS) in the Chinese language, is actively targeting organizations across more than 100 countries using sophisticated methods via a... Read more
Sign1 Malware Attacks WordPress Plugins
A significant malware operation, identified as Sign1, has managed to infiltrate 39,000 WordPress websites within the past six months, as observed by security analysts at Sucuri. The campaign involves the implantation... Read more
Pelmeni Wrapper: Another Tool in Turla's Arsenal
Research conducted by Lab52 has revealed a new Turla campaign employing innovative strategies alongside a tailored version of the Kazuar trojan. Their analysis delves into the technical aspects of the campaign's... Read more
Ande Loader Malware Spreads Using Phishing
The threat actor Blind Eagle has been observed employing a loader malware named Ande Loader to distribute remote access trojans (RATs) such as Remcos RAT and NjRAT. These attacks, initiated through phishing emails,... Read more
Fake Crypto Company Scams People Out of Thousands of Dollars
The US Better Business Bureau has issued several warnings regarding a fraudulent cryptocurrency enterprise that has deceived job seekers, causing them to lose significant sums of money. A victim named Daniel LaSane,... Read more
CVE-2024-3094 Vulnerability (XZ Backdoor) Discovered in Linux Data Compression Library
Red Hat issued an urgent security advisory on Friday regarding two versions of the widely used data compression tool XZ Utils, previously known as LZMA Utils, which have been compromised with malicious code aimed at... Read more
Tycoon Phishing Kit Uses Multiple Attack Vectors
The cybersecurity community has expressed significant concerns over a recently discovered phishing toolkit called Tycoon 2FA. Uncovered by the Sekoia Threat Detection & Research (TDR) team in October 2023, and... Read more
AcidPour Wiper Deployed Against Ukrainian Targets
Researchers have discovered previously unseen wiper malware associated with Russia, which was used in an operation over two years ago targeting more than 10,000 satellite modems primarily in Ukraine just before... Read more
A Closer Look at the Turla Advanced Persistent Threat Actor
In the realm of cybersecurity, the persistent and evolving threat landscape continually challenges defenders worldwide. Among the myriad of adversaries, one group has garnered significant attention for its... Read more
NerbianRAT Linux - Novel Malware Linked to Magnet Goblin APT
Check Point reports that a threat actor driven by financial motives has been focusing on exploiting recently discovered vulnerabilities in publicly accessible services to install Linux backdoors. Identified as Magnet... Read more
WogRAT Targets Both Windows and Linux
A recently discovered malicious software, named "WogRAT," is targeting both Windows and Linux systems. It utilizes the online notepad platform called "aNotepad" as a covert channel for storing and extracting malicious... Read more
