Malware & Threats Archives

CONFERENCE On Demand: Cyber AI & Automation Summit - Watch Now

SECURITYWEEK NETWORK:

ICS:

Hi, what are you looking for?

Data Protection

Trail of Bits Spinout iVerify Tackles Mercenary Spyware Threat

iVerify, a seed-stage startup spun out of Trail of Bits, ships a mobile threat hunting platform to neutralize iOS and Android zero-days.

Ryan Naraine3 days ago

Artificial Intelligence

5 Critical Steps to Prepare for AI-Powered Malware in Your Connected Asset Ecosystem

AI-powered attacks will become progressively more common, and a well-rounded security approach involves more than simply managing incidents effectively.

Rik Ferguson3 days ago

Cybercrime

Russian Pleads Guilty to Role in Developing TrickBot Malware

Russian national Vladimir Dunaev pleaded guilty to involvement in the development and use of the TrickBot malware that caused tens of millions of dollars...

Ionut Arghire5 days ago

Malware & Threats

New ‘Turtle’ macOS Ransomware Analyzed

New Turtle macOS ransomware is not sophisticated but shows that cybercriminals continue to target Apple devices.

Eduard KovacsDecember 1, 2023

Endpoint Security

Apple Patches WebKit Flaws Exploited on Older iPhones

Apple's security response team warns that flaws CVE-2023-42916 and CVE-2023-42917 were already exploited against versions of iOS before iOS 16.7.1.

Ryan NaraineNovember 30, 2023

Malware & Threats

Hundreds of Malicious Android Apps Target Iranian Mobile Banking Users

Zimperium has identified over 200 information-stealing Android applications targeting mobile banking users in Iran.

Ionut ArghireNovember 30, 2023

Malware & Threats

3,000 Openfire Servers Exposed to Attacks Targeting Recent Vulnerability

More than 3,000 Openfire servers are not patched against a recent vulnerability and are exposed to attacks employing a new exploit.

Ionut ArghireAugust 23, 2023

Malware & Threats

New ‘Carderbee’ APT Targeted Chinese Security Software in Supply Chain Attack

A new APT group called Carderbee has been observed deploying the PlugX backdoor via a supply chain attack targeting organizations in Hong Kong.

Ionut ArghireAugust 22, 2023

Malware & Threats

CISA Warns of Another Exploited Adobe ColdFusion Vulnerability

CISA warns that CVE-2023-26359, an Adobe ColdFusion vulnerability patched in March, has been exploited in the wild.

Eduard KovacsAugust 22, 2023

Malware & Threats

Ivanti Ships Urgent Patch for API Authentication Bypass Vulnerability

A critical-severity vulnerability in the Ivanti Sentry (formerly MobileIron Sentry) product exposes sensitive API data and configurations.

Ryan NaraineAugust 21, 2023

Cybercrime

Researchers Uncover Real Identity of CypherRAT and CraxsRAT Malware Developer

Cyfirma security researchers uncover the real identity of the CypherRAT and CraxsRAT malware developer and MaaS operator.

Ionut ArghireAugust 21, 2023

Malware & Threats

Stealthy ‘LabRat’ Campaign Abuses TryCloudflare to Hide Infrastructure

The ‘LabRat’ cryptomining and proxyjacking operation relies on signature-based tools and stealthy cross-platform malware, and abuses TryCloudflare to hide its C&Cs.

Ionut ArghireAugust 18, 2023

Cybercrime

Rapid7 Says ROI for Ransomware Remains High; Zero-Day Usage Expands

A new report from Rapid7 says a ransomware gang like Cl0p would easily be able to afford a bevy of zero-day exploits for vulnerable...

Kevin TownsendAugust 17, 2023

Malware & Threats

Thousands of Systems Turned Into Proxy Exit Nodes via Malware

Threat actors have been observed deploying a proxy application on Windows and macOS systems that were infected with malware.

Ionut ArghireAugust 17, 2023

Malware & Threats

2,000 Citrix NetScaler Instances Backdoored via Recent Vulnerability

A threat actor has exploited a recent Citrix vulnerability (CVE-2023-3519) to infect roughly 2,000 NetScaler instances with a backdoor.

Ionut ArghireAugust 15, 2023

Malware & Threats

Hacker Forum Credentials Found on 120,000 PCs Infected With Info-Stealer Malware

Hudson Rock security researchers have identified credentials for hacker forums on roughly 120,000 computers infected with information stealers.

Ionut ArghireAugust 15, 2023

Government

In Other News: macOS Security Reports, Keyboard Spying, VPN Vulnerabilities

Weekly cybersecurity news roundup that provides a summary of noteworthy stories that might have slipped under the radar for the week of August 7,...

SecurityWeek NewsAugust 11, 2023

Malware & Threats

Threat Actors Abuse Cloudflare Tunnel for Persistent Access, Data Theft

Threat actors have been observed abusing the open source Cloudflare Tunnel tool Cloudflared to maintain stealthy, persistent access to compromised systems.

Ionut ArghireAugust 4, 2023