Malware & Threats Archives

SECURITYWEEK NETWORK:

ICS:

Hi, what are you looking for?

Malware & Threats

Pakistani APT Uses YouTube-Mimicking RAT to Spy on Android Devices

New versions of Pakistan-linked APT Transparent Tribe’s CapraRAT Android trojan mimic the appearance of YouTube.

Ionut Arghire5 days ago

Malware & Threats

CISA Says Owl Labs Vulnerabilities Requiring Close Physical Range Exploited in Attacks

CISA says Owl Labs video conferencing device vulnerabilities that require the attacker to be in close range exploited in attacks

Eduard Kovacs5 days ago

Malware & Threats

macOS Info-Stealer Malware ‘MetaStealer’ Targeting Businesses

The MetaStealer macOS information stealer has been targeting businesses to exfiltrate keychain and other valuable information.

Ionut ArghireSeptember 13, 2023

Messaging exploits deliver Pegasus spyware

Malware & Threats

After Apple and Google, Mozilla Also Patches Zero-Day Exploited for Spyware Delivery

After Apple and Google, Mozilla has also patched an image processing-related zero-day vulnerability exploited by spyware.

Eduard KovacsSeptember 13, 2023

Malware & Threats

Zero-Day Summer: Microsoft Warns of Fresh New Software Exploits

Microsoft’s struggles with zero-day exploits rolled into a new month with a fresh Patch Tuesday warning about malware attacks in the wild.

Ryan NaraineSeptember 12, 2023

Malware & Threats

Cisco ASA Zero-Day Exploited in Akira Ransomware Attacks

Cisco is warning of a zero-day vulnerability in Cisco ASA and FTD that can be exploited remotely, without authentication, in brute force attacks.

Ionut ArghireSeptember 8, 2023

Malware & Threats

3,000 Openfire Servers Exposed to Attacks Targeting Recent Vulnerability

More than 3,000 Openfire servers are not patched against a recent vulnerability and are exposed to attacks employing a new exploit.

Ionut ArghireAugust 23, 2023

Malware & Threats

New ‘Carderbee’ APT Targeted Chinese Security Software in Supply Chain Attack

A new APT group called Carderbee has been observed deploying the PlugX backdoor via a supply chain attack targeting organizations in Hong Kong.

Ionut ArghireAugust 22, 2023

Adobe ColdFusion vulnerability exploited

Malware & Threats

CISA Warns of Another Exploited Adobe ColdFusion Vulnerability

CISA warns that CVE-2023-26359, an Adobe ColdFusion vulnerability patched in March, has been exploited in the wild.

Eduard KovacsAugust 22, 2023

Malware & Threats

Ivanti Ships Urgent Patch for API Authentication Bypass Vulnerability

A critical-severity vulnerability in the Ivanti Sentry (formerly MobileIron Sentry) product exposes sensitive API data and configurations.

Ryan NaraineAugust 21, 2023

Cybercrime

Researchers Uncover Real Identity of CypherRAT and CraxsRAT Malware Developer

Cyfirma security researchers uncover the real identity of the CypherRAT and CraxsRAT malware developer and MaaS operator.

Ionut ArghireAugust 21, 2023

Malware & Threats

Stealthy ‘LabRat’ Campaign Abuses TryCloudflare to Hide Infrastructure

The ‘LabRat’ cryptomining and proxyjacking operation relies on signature-based tools and stealthy cross-platform malware, and abuses TryCloudflare to hide its C&Cs.

Ionut ArghireAugust 18, 2023

Cybercrime

Rapid7 Says ROI for Ransomware Remains High; Zero-Day Usage Expands

A new report from Rapid7 says a ransomware gang like Cl0p would easily be able to afford a bevy of zero-day exploits for vulnerable...

Kevin TownsendAugust 17, 2023

Malware & Threats

Thousands of Systems Turned Into Proxy Exit Nodes via Malware

Threat actors have been observed deploying a proxy application on Windows and macOS systems that were infected with malware.

Ionut ArghireAugust 17, 2023

Malware & Threats

2,000 Citrix NetScaler Instances Backdoored via Recent Vulnerability

A threat actor has exploited a recent Citrix vulnerability (CVE-2023-3519) to infect roughly 2,000 NetScaler instances with a backdoor.

Ionut ArghireAugust 15, 2023

Malware & Threats

Hacker Forum Credentials Found on 120,000 PCs Infected With Info-Stealer Malware

Hudson Rock security researchers have identified credentials for hacker forums on roughly 120,000 computers infected with information stealers.

Ionut ArghireAugust 15, 2023

Government

In Other News: macOS Security Reports, Keyboard Spying, VPN Vulnerabilities

Weekly cybersecurity news roundup that provides a summary of noteworthy stories that might have slipped under the radar for the week of August 7,...

SecurityWeek NewsAugust 11, 2023

Malware & Threats

Threat Actors Abuse Cloudflare Tunnel for Persistent Access, Data Theft

Threat actors have been observed abusing the open source Cloudflare Tunnel tool Cloudflared to maintain stealthy, persistent access to compromised systems.

Ionut ArghireAugust 4, 2023

Page 3 of 463‹ Previous 1 234 5 6 7 Next ›Last »

SECURITYWEEK NETWORK:

ICS:

Malware & Threats

Pakistani APT Uses YouTube-Mimicking RAT to Spy on Android Devices

Malware & Threats

CISA Says Owl Labs Vulnerabilities Requiring Close Physical Range Exploited in Attacks

Malware & Threats

macOS Info-Stealer Malware ‘MetaStealer’ Targeting Businesses

Malware & Threats

After Apple and Google, Mozilla Also Patches Zero-Day Exploited for Spyware Delivery

Malware & Threats

Zero-Day Summer: Microsoft Warns of Fresh New Software Exploits

Malware & Threats

Cisco ASA Zero-Day Exploited in Akira Ransomware Attacks

Malware & Threats

3,000 Openfire Servers Exposed to Attacks Targeting Recent Vulnerability

Malware & Threats

New ‘Carderbee’ APT Targeted Chinese Security Software in Supply Chain Attack

Malware & Threats

CISA Warns of Another Exploited Adobe ColdFusion Vulnerability

Malware & Threats

Ivanti Ships Urgent Patch for API Authentication Bypass Vulnerability

Cybercrime

Researchers Uncover Real Identity of CypherRAT and CraxsRAT Malware Developer

Malware & Threats

Stealthy ‘LabRat’ Campaign Abuses TryCloudflare to Hide Infrastructure

Cybercrime

Rapid7 Says ROI for Ransomware Remains High; Zero-Day Usage Expands

Malware & Threats

Thousands of Systems Turned Into Proxy Exit Nodes via Malware

Malware & Threats

2,000 Citrix NetScaler Instances Backdoored via Recent Vulnerability

Malware & Threats

Hacker Forum Credentials Found on 120,000 PCs Infected With Info-Stealer Malware

Government

In Other News: macOS Security Reports, Keyboard Spying, VPN Vulnerabilities

Malware & Threats

Threat Actors Abuse Cloudflare Tunnel for Persistent Access, Data Theft

Featured

Mobile & Wireless

Apple Patches 3 Zero-Days Likely Exploited by Spyware Vendor to Hack iPhones

Cyberwarfare

New ‘Sandman’ APT Group Hitting Telcos With Rare LuaJIT Malware

Funding/M&A

Cisco to Acquire Splunk for $28 Billion

Cybercrime

MGM Resorts Computers Back Up After 10 Days as Analysts Eye Effects of Casino Cyberattacks

Cybersecurity Funding

SASE Firm Cato Networks Raises $238 Million at $3 Billion Valuation

Artificial Intelligence

Microsoft AI Researchers Expose 38TB of Data, Including Keys, Passwords and Internal Messages

Cybercrime

MGM Hackers Broadening Targets, Monetization Strategies

Latest News

Tracking & Law Enforcement

Researchers Discover Attempt to Infect Leading Egyptian Opposition Politician With Predator Spyware

Threat Intelligence

In Other News: New Analysis of Snowden Files, Yubico Goes Public, Election Hacking

Cyberwarfare

China’s Offensive Cyber Operations in Africa Support Soft Power Efforts

Data Breaches

Air Canada Says Employee Information Accessed in Cyberattack

Vulnerabilities

BIND Updates Patch Two High-Severity DoS Vulnerabilities

Risk Management

Faster Patching Pace Validates CISA’s KEV Catalog Initiative

ICS/OT

SANS Survey Shows Drop in 2023 ICS/OT Security Budgets