Beware!! LNK Worm – A Raspberry Robin Malware Attacking Windows Devices

Researchers from Cybereason Global Security Operations Center (SOC) Team, one of the world’s leading cybersecurity companies, have discovered a new Windows worm called Raspberry Robin. Through removable USB devices, the malware spreads from one computer to another. A malicious DLL file is downloaded from a QNAP-associated domain using Windows Installer. An alternative C2 infrastructure is […]

Researchers Warn of Raspberry Robin’s Worm Targeting Windows Users

Cybersecurity researchers are drawing attention to an ongoing wave of attacks linked to a threat cluster tracked as Raspberry Robin that’s behind a Windows malware with worm-like capabilities. Describing it as a “persistent” and “spreading” threat, Cybereason said it observed a number of victims in Europe. The infections involve a worm that propagates over removable […]

HelloXD Ransomware Installing Backdoor on Targeted Windows and Linux Systems

Windows and Linux systems are being targeted by a ransomware variant called HelloXD, with the infections also involving the deployment of a backdoor to facilitate persistent remote access to infected hosts. “Unlike other ransomware groups, this ransomware family doesn’t have an active leak site; instead it prefers to direct the impacted victim to negotiations through […]

New Windows Subsystem For Linux Malware Steals Credentials & Record Keystrokes

Interest in targeting the Windows Subsystem for Linux (WSL) is increasing: hackers continue to analyze WSL for potential exploits and continue to develop new malware. Having such a sample available for espionage purposes and for the downloading of extra malicious components would be acceptable. […]

Pwn2Own – Windows 11, Microsoft Teams Hacked & Exploiting 16 Zero-day Bugs

The contestants who successfully exploited 16 zero-day bugs within 16 different products in the Pwn2Own Vancouver 2022 first day won more than $800,000 in prize money. The product line includes Microsoft Windows 11 (OS) and Microsoft Teams (communication platform). First Day: Microsoft Teams and Windows 11 Hacked. In the enterprise communications category, Microsoft Teams was the […]

Hackers Trick Users with Fake Windows 11 Downloads to Distribute Vidar Malware

Fraudulent domains masquerading as Microsoft’s Windows 11 download portal are attempting to trick users into deploying trojanized installation files to infect systems with the Vidar information stealer malware. “The spoofed sites were created to distribute malicious ISO files which lead to a Vidar info-stealer infection on the endpoint,” Zscaler said in a report. “These variants […]

New Sysrv Botnet Variant Hijacking Windows and Linux with Crypto Miners

Microsoft is warning of a new variant of the Sysrv botnet that’s exploiting multiple security flaws in web applications and databases to install coin miners on both Windows and Linux systems. The tech giant, which has called the new version Sysrv-K, is said to weaponize an array of exploits to gain control of web servers. […]

How to do local privilege escalation attacks on Windows to brute force the local administrator account?

Privilege escalation attacks pose a severe cyber security risk to all kinds of systems in public and private organizations. In these attacks, threat actors exploit vulnerabilities or design flaws in operating systems and software applications to gain illegitimate access to resources that would otherwise be restricted to authorized users only, triggering dangerous hacking scenarios. As […]

Microsoft Exposes Evasive Chinese Tarrask Malware Attacking Windows Computers

The Chinese-backed Hafnium hacking group has been linked to a piece of new malware that’s used to maintain persistence on compromised Windows environments. The threat actor is said to have targeted entities in the telecommunication, internet service provider and data services sectors from August 2021 to February 2022, expanding from the initial victimology patterns […]

BitRAT Disguised as Windows 10 License Verification Tool to Compromise PC

BitRAT is one of the best Remote Access Trojans (RATs) available for sale in a hacking forum since 2020. Attackers rely on this RAT mostly because of its salient features like running process tasks, file tasks, and remote commands along with info-stealing features, HVNC, Remote Desktop, coin mining, and proxies. It is natively coded in […]

CISA Orders Federal Agencies to Patch Actively Exploited Windows Vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is urging federal agencies to secure their systems against an actively exploited security vulnerability in Windows that could be abused to gain elevated permissions on affected hosts. To that end, the agency has added CVE-2022-21882 (CVSS score: 7.0) to the Known Exploited Vulnerabilities Catalog, necessitating that Federal […]

Critical zero-day vulnerability in Windows 10 that allows local privilege escalation to admin: Exploit code published

Cybersecurity specialists recently published an exploit for a local privilege escalation vulnerability whose successful exploitation would allow malicious users to obtain administrator privileges on Windows 10 systems. Tracked as CVE-2022-21882, the flaw was addressed in Microsoft’s January 2022 security patches. According to the report, authenticated local threat actors could gain elevated privileges on the target […]

North Korean Hackers Using Windows Update Service to Infect PCs with Malware

The notorious Lazarus Group actor has been observed mounting a new campaign that makes use of the Windows Update service to execute its malicious payload, expanding the arsenal of living-off-the-land (LotL) techniques leveraged by the APT group to further its objectives. The Lazarus Group, also known as APT38, Hidden Cobra, Whois Hacking Team, and Zinc, […]

SysJoker Malware Targets Windows, Mac & Linux to Steal Sensitive Data

A new multi-platform malware has been detected in the wild recently by the security experts at Intezer that is stealing users’ sensitive data from all the major platforms: Windows, Mac, and Linux. This malware has been named ‘SysJoker,’ and it comes with several stealthy features; among them is the capability to circumvent detection on […]

New SysJoker backdoor attacks Windows, Linux, and macOS devices

Cybersecurity specialists from Intezer reported the detection of a new cross-platform malware variant capable of infecting Windows, macOS and Linux systems. Dubbed SysJoker, the malware is highly evasive and even VirusTotal has trouble identifying iterations for Linux and Mac systems. This malware variant was first identified in mid-2021 during a cyberattack targeting a Linux-based […]

New SysJoker Espionage Malware Targeting Windows, macOS, and Linux Users

A new cross-platform backdoor called “SysJoker” has been observed targeting machines running Windows, Linux, and macOS operating systems as part of an ongoing espionage campaign that’s believed to have been initiated during the second half of 2021. “SysJoker masquerades as a system update and generates its [command-and-control server] by decoding a string retrieved from a […]

9-year-old Windows flaw abused to drop ZLoader malware in 111 countries

The vulnerability was identified and fixed in 2013, but in 2014 Microsoft revised the fix, allowing Malsmoke hackers in 2022 to spread ZLoader malware. Israel-based cybersecurity firm Check Point Research has been assessing a sophisticated infection chain since Nov 2021. Researchers have now published their report, stating that a new ZLoader malware campaign is underway […]

Active Directory Domain Service Bug Let Attackers To Takeover Windows Domains

During the November 2021 Patch Tuesday, two Active Directory domain service privilege escalation security flaws were detected by Andrew Bartlett of Catalyst IT, and these two security flaws allow hackers to take over Windows domains easily when they are combined. Microsoft advised users to immediately patch these two Active Directory domain service privilege […]