Malware & Threats Archives

SECURITYWEEK NETWORK:

ICS:

Hi, what are you looking for?

Malware & Threats

Pakistani APT Uses YouTube-Mimicking RAT to Spy on Android Devices

New versions of Pakistan-linked APT Transparent Tribe’s CapraRAT Android trojan mimic the appearance of YouTube.

Ionut Arghire6 days ago

Malware & Threats

CISA Says Owl Labs Vulnerabilities Requiring Close Physical Range Exploited in Attacks

CISA says Owl Labs video conferencing device vulnerabilities that require the attacker to be in close range exploited in attacks

Eduard Kovacs6 days ago

Malware & Threats

macOS Info-Stealer Malware ‘MetaStealer’ Targeting Businesses

The MetaStealer macOS information stealer has been targeting businesses to exfiltrate keychain and other valuable information.

Ionut ArghireSeptember 13, 2023

Messaging exploits deliver Pegasus spyware

Malware & Threats

After Apple and Google, Mozilla Also Patches Zero-Day Exploited for Spyware Delivery

After Apple and Google, Mozilla has also patched an image processing-related zero-day vulnerability exploited by spyware.

Eduard KovacsSeptember 13, 2023

Malware & Threats

Zero-Day Summer: Microsoft Warns of Fresh New Software Exploits

Microsoft’s struggles with zero-day exploits rolled into a new month with a fresh Patch Tuesday warning about malware attacks in the wild.

Ryan NaraineSeptember 12, 2023

Malware & Threats

Cisco ASA Zero-Day Exploited in Akira Ransomware Attacks

Cisco is warning of a zero-day vulnerability in Cisco ASA and FTD that can be exploited remotely, without authentication, in brute force attacks.

Ionut ArghireSeptember 8, 2023

Malware & Threats

New hVNC macOS Malware Advertised on Hacker Forum

A new macOS-targeting hVNC malware family is being advertised on a prominent cybercrime forum.

Ionut ArghireAugust 2, 2023

Malware & Threats

Ivanti Zero-Day Exploited by APT Since at Least April in Norwegian Government Attack

The recently patched Ivanti EPMM zero-day CVE-2023-35078 has been exploited to hack the Norwegian government since at least April 2023.

Eduard KovacsAugust 2, 2023

Malware & Threats

Second Ivanti EPMM Zero-Day Vulnerability Exploited in Targeted Attacks

Ivanti EPMM customers have been warned of CVE-2023-35081, a second zero-day vulnerability that has been exploited in targeted attacks.

Eduard KovacsJuly 31, 2023

Malware & Threats

CISA Analyzes Malware Used in Barracuda ESG Attacks

CISA has shared analysis reports on three malware families obtained from an organization hacked via a recent Barracuda ESG vulnerability.

Ionut ArghireJuly 31, 2023

Malware & Threats

Exploitation of Recent Citrix ShareFile RCE Vulnerability Begins

The first attempts to exploit CVE-2023-24489, a recent critical Citrix ShareFile remote code execution vulnerability, have been observed.

Ionut ArghireJuly 28, 2023

Email Security

In Other News: Military Emails Leaked, Google Restricts Internet Access, Chinese Spyware

Weekly cybersecurity news roundup that provides a summary of noteworthy stories that might have slipped under the radar for the week of July 17,...

SecurityWeek NewsJuly 21, 2023

Malware & Threats

Multiple DDoS Botnets Exploiting Recent Zyxel Vulnerability

Multiple DDoS botnets have been observed targeting CVE-2023-28771, a Zyxel firewall vulnerability patched in April.

Ionut ArghireJuly 20, 2023

Malware & Threats

P2PInfect: New Peer-to-Peer Worm Targeting Redis Servers

The Rust-based peer-to-peer worm ‘P2PInfect’ is targeting a Lua sandbox escape vulnerability in internet-accessible Redis servers.

Ionut ArghireJuly 20, 2023

Malware & Threats

Two Jira Plugin Vulnerabilities in Attacker Crosshairs

Attackers are exploiting two path traversal vulnerabilities in the Stagil navigation for Jira – Menus & Themes plugin.

Ionut ArghireJuly 19, 2023

Government

US Gov Mercenary Spyware Clampdown Hits Cytrox, Intellexa

The two foreign companies are being sanctioned for “for trafficking in cyber exploits used to gain access to information systems.”

Ryan NaraineJuly 18, 2023

Malware & Threats

WordPress Sites Hacked via Critical Vulnerability in WooCommerce Payments Plugin

Attackers have started exploiting CVE-2023-28121, a recent critical vulnerability in the WooCommerce Payments WordPress plugin.

Ionut ArghireJuly 18, 2023

Fraud & Identity Theft

Netcraft Raises $100M, Hires New CEO for Global Expansion

The British company secures $100 million in funding and announced the hiring of a new chief executive to pursue global expansion plans.

Ryan NaraineJuly 18, 2023

Page 4 of 463‹ Previous 1 2 345 6 7 8 Next ›Last »

SECURITYWEEK NETWORK:

ICS:

Malware & Threats

Pakistani APT Uses YouTube-Mimicking RAT to Spy on Android Devices

Malware & Threats

CISA Says Owl Labs Vulnerabilities Requiring Close Physical Range Exploited in Attacks

Malware & Threats

macOS Info-Stealer Malware ‘MetaStealer’ Targeting Businesses

Malware & Threats

After Apple and Google, Mozilla Also Patches Zero-Day Exploited for Spyware Delivery

Malware & Threats

Zero-Day Summer: Microsoft Warns of Fresh New Software Exploits

Malware & Threats

Cisco ASA Zero-Day Exploited in Akira Ransomware Attacks

Malware & Threats

New hVNC macOS Malware Advertised on Hacker Forum

Malware & Threats

Ivanti Zero-Day Exploited by APT Since at Least April in Norwegian Government Attack

Malware & Threats

Second Ivanti EPMM Zero-Day Vulnerability Exploited in Targeted Attacks

Malware & Threats

CISA Analyzes Malware Used in Barracuda ESG Attacks

Malware & Threats

Exploitation of Recent Citrix ShareFile RCE Vulnerability Begins

Email Security

In Other News: Military Emails Leaked, Google Restricts Internet Access, Chinese Spyware

Malware & Threats

Multiple DDoS Botnets Exploiting Recent Zyxel Vulnerability

Malware & Threats

P2PInfect: New Peer-to-Peer Worm Targeting Redis Servers

Malware & Threats

Two Jira Plugin Vulnerabilities in Attacker Crosshairs

Government

US Gov Mercenary Spyware Clampdown Hits Cytrox, Intellexa

Malware & Threats

WordPress Sites Hacked via Critical Vulnerability in WooCommerce Payments Plugin

Fraud & Identity Theft

Netcraft Raises $100M, Hires New CEO for Global Expansion

Featured

Mobile & Wireless

Apple Patches 3 Zero-Days Likely Exploited by Spyware Vendor to Hack iPhones

Cyberwarfare

New ‘Sandman’ APT Group Hitting Telcos With Rare LuaJIT Malware

Funding/M&A

Cisco to Acquire Splunk for $28 Billion

Cybercrime

MGM Resorts Computers Back Up After 10 Days as Analysts Eye Effects of Casino Cyberattacks

Cybersecurity Funding

SASE Firm Cato Networks Raises $238 Million at $3 Billion Valuation

Artificial Intelligence

Microsoft AI Researchers Expose 38TB of Data, Including Keys, Passwords and Internal Messages

Cybercrime

MGM Hackers Broadening Targets, Monetization Strategies

Latest News

Tracking & Law Enforcement

Researchers Discover Attempt to Infect Leading Egyptian Opposition Politician With Predator Spyware

Threat Intelligence

In Other News: New Analysis of Snowden Files, Yubico Goes Public, Election Hacking

Cyberwarfare

China’s Offensive Cyber Operations in Africa Support Soft Power Efforts

Data Breaches

Air Canada Says Employee Information Accessed in Cyberattack

Vulnerabilities

BIND Updates Patch Two High-Severity DoS Vulnerabilities

Risk Management

Faster Patching Pace Validates CISA’s KEV Catalog Initiative

ICS/OT

SANS Survey Shows Drop in 2023 ICS/OT Security Budgets