New variant of PRISM Backdoor ‘WaterDrop’ targets Linux systems

According to researchers, the PRISM backdoor has been on their radar for more than 3.5 years. Security researchers at AT&T Labs have published a report sharing details of a newly discovered cluster of Linux ELF executables with zero to low antivirus detections on VirusTotal. Researchers noted that these executables contain a modified version of the open-source backdoor […]

FIN7 Hackers Using Windows 11 Themed Documents to Drop Javascript Backdoor

A recent wave of spear-phishing campaigns leveraged weaponized Windows 11 Alpha-themed Word documents with Visual Basic macros to drop malicious payloads, including a JavaScript implant, against a point-of-sale (PoS) service provider located in the U.S. The attacks, which are believed to have taken place between late June and late July 2021, have been attributed with […]

FIN8 APT Hackers Attacks Financial Institutions Using Sophisticated Backdoor

Security analysts at the cybersecurity firm Bitdefender have recently observed the new BADHATCH backdoor malware being used by the well-known threat actor FIN8. This is not the first time FIN8 has launched an attack; according to the report, these APT threat actors have been targeting victims since 2016. Well, […]

Researchers Uncover FIN8’s New Backdoor Targeting Financial Institutions

A financially motivated threat actor notorious for setting its sights on retail, hospitality, and entertainment industries has been observed deploying a completely new backdoor on infected systems, indicating the operators are continuously retooling their malware arsenal to avoid detection and stay under the radar. The previously undocumented malware has been dubbed “Sardonic” by Romanian cybersecurity […]

New SideWalk Backdoor Targets U.S.-based Computer Retail Business

A computer retail company based in the U.S. was the target of a previously undiscovered implant called SideWalk as part of a recent campaign undertaken by a Chinese advanced persistent threat group primarily known for singling out entities in East and Southeast Asia. Slovak cybersecurity firm ESET attributed the malware to an advanced persistent threat […]

BackdoorDiplomacy APT Group Attacks Telecommunications & Organizations Worldwide

ESET's cybersecurity research team has recently identified a new APT group, named BackdoorDiplomacy, that is attacking telecommunications and diplomatic organizations throughout the world. According to the report, this group has attacked the Ministries of Foreign Affairs of several countries in the Middle East and Africa over the past four years. The researchers of […]

BackdoorDiplomacy: the new hacking group targeting politicians and diplomats worldwide

A newly discovered hacking group is deploying an ambitious malicious campaign against politicians in Africa and the Middle East. The operation, identified as “BackdoorDiplomacy”, has also been detected in Europe and Asia. ESET experts believe this campaign has been active since at least 2017, targeting Windows and Linux systems in order to exploit vulnerabilities in […]

Chinese hackers use dangerous backdoor to deploy cyber spying campaign

Cybercriminals funded by the Chinese government are reportedly employing a new backdoor variant to deploy an ambitious cyber espionage campaign targeting other nation states. According to the experts at Check Point Research, this backdoor was designed, developed and operated for an engagement against a South Asian government that was not explicitly named. […]

SolarWinds hackers using NativeZone backdoor against 24 countries

Microsoft has disclosed that the SolarWinds hackers, the threat actors known for the SolarWinds supply chain attack, are back in action. This time, they are targeting government agencies, consultants, think tanks, and non-governmental organizations across 24 countries. Microsoft’s findings were corroborated by cybersecurity firm Volexity. Research reveals that this time, SolarWinds attackers have singled out NGOs, research institutions, government […]

Researchers Warn of Facefish Backdoor Spreading Linux Rootkits

Cybersecurity researchers have disclosed a new backdoor program capable of stealing user login credentials and device information and executing arbitrary commands on Linux systems. The malware dropper has been dubbed “Facefish” by the Qihoo 360 NETLAB team, owing to its ability to deliver different rootkits at different times and its use of the Blowfish cipher to encrypt communications to […]

SolarWinds Hackers Target Think Tanks With New ‘NativeZone’ Backdoor

Microsoft on Thursday disclosed that the threat actor behind the SolarWinds supply chain hack returned to the threat landscape to target government agencies, think tanks, consultants, and non-governmental organizations located across 24 countries, including the U.S. “This wave of attacks targeted approximately 3,000 email accounts at more than 150 different organizations,” Tom Burt, Microsoft’s Corporate […]

Stealthy RotaJakiro backdoor malware targeting Linux for 3 years

New RotaJakiro Stealthy Linux Malware With System Backdoor Capabilities Went Unnoticed for 3 Years. Qihoo 360’s Network Security Research Lab, aka 360 NetLab, has discovered a new Linux malware with outstanding backdoor capabilities. The malware is dubbed RotaJakiro, and it allows attackers to steal and exfiltrate sensitive system data from compromised devices. […]