Browsing tag

backdoor

Multistage Attack Delivers BillGates/Setag Backdoor to Turn Elasticsearch Servers into DDoS Botnet

A new multistage attack exploits Elasticsearch servers, using an old, unpatched vulnerability to invoke a shell with a crafted query and encoded Java commands. The attack aims to deliver the BillGates/Setag backdoor to vulnerable Elasticsearch servers. The attack targets the already patched vulnerability in the Groovy scripting engine (versions 1.3.0 – 1.3.7 and 1.4.0 – 1.4.2) […]

APT15 Hackers Using Steganography Technique to Drop Okrum Backdoor Via PNG File to Evade Detection

Researchers discovered previously unseen malware called Okrum, distributed by the APT15 threat group via a hidden PNG file using a steganography technique to evade detection. The APT15 threat group, also known as Ke3chang, has a long history of malicious activity since 2010, and it was initially reported in 2013 during their campaign activity attack organization in […]

New malware attack turns Elasticsearch databases into DDoS botnet

The malware attack involves two stages, including one in which existing cryptomining malware is removed. The IT security researchers at Trend Micro have discovered a new malware campaign targeting Elasticsearch databases in the wild. The campaign takes advantage of unprotected or publicly available Elasticsearch databases, infecting them with malware before turning them into botnet zombies […]

EvilGnomes Linux malware record activities & spy on users

The EvilGnomes Linux malware has been linked to infamous Russian threat actors from the Gamaredon Group. The IT security researchers at Intezer Labs have discovered a sophisticated new Linux backdoor malware in the wild that has been developed to target Linux devices. Dubbed EvilGnomes by researchers, the malware was found masquerading as a Gnome shell […]

Buhtrap Hackers Group Using Recently Patched Windows Zero-day Exploit to Attack Government Networks

An infamous cyberespionage group known as “Buhtrap” uses a Windows zero-day exploit for its new campaign to attack businesses and perform targeted attacks on governmental institutions. The Buhtrap hackers group was actively targeting various financial institutions in 2015; since then the group has been improving its toolset with new exploits and malware to attack countries in Europe and Asia. Newly observed […]

New ViceLeaker Malware Attack on Android Devices With Backdoor Capabilities to Hijack Camera, Record Audio

Researchers discovered a new malware campaign called ViceLeaker that specifically targets Android users with sophisticated backdoor capabilities to hijack the camera, delete files, record audio and more. Some of the malware samples discovered by Kaspersky researchers are modified versions of an open source Jabber/XMPP client called “Conversations”, a legitimate version of the Android app available in Google […]

All-In-One Malware ‘Plurox’ Can Hack Your PC In ‘Three Different Ways’

Kaspersky security team has discovered a new strain of malware called Plurox, which packs a cryptominer, backdoor, and worm-like plugins, all into one. Plurox is a cut above the regular malware. It comes with advanced capabilities that can spread the malware laterally to more systems and mine cryptocurrency using one of its eight different plugins. […]

Plurox, the all-in-one malware infecting computers around the world

A few months ago, digital forensics specialists at security firm Kaspersky analyzed Plurox, a backdoor detected in some attacks that occurred in early 2019, discovering that this malware has some features with high harmful potential. In their research, experts discovered that the malware can spread across a local network via an exploit, access the […]

Google confirms presence of Triada backdoor in cheap Android phones

Triada Banking Trojan Came Preinstalled as Backdoor in Budget Android Smartphones, Google Confirms. It would probably be the first time ever in Google’s history that the company has revealed details of the tenacity and success of malware dubbed Triada. Triada malware was discovered in 2017 and came pre-installed on Android devices. It was believed […]

Hackers Launching Unique Windows and MacOS Malware via Fake WhatsApp Official Website

Researchers discovered new malware that infects MacOS via a malicious website disguised as the official WhatsApp website, which also drops malware for the Windows operating system. Attackers are targeting both the Windows and MacOS operating systems to inject a backdoor that helps execute malicious code from a remote server. The backdoor, named Mac.BackDoor.Siggen.20, gets on […]

Hackers install backdoor on Asus computers using company update

Threat actors have compromised the update mechanism of technology manufacturer Asus to install malware that allows installing a backdoor on compromised computers. According to web application security testing experts, this is due to a Man-In-The-Middle (MiTM) attack campaign against routers to exploit some unsecured HTTP connections between Asus computer users and company servers. This malware, known […]

LightNeuron, the backdoor designed especially for Microsoft Exchange

Reports from IICS web application penetration testing experts mention that a group of Russian cyber spies created one of the most advanced backdoors ever conceived for attacking an email server. The LightNeuron backdoor was specially developed to attack Microsoft Exchange email servers and, according to web application penetration testing experts, it works […]

TajMahal – The advanced spyware developed by unknown hackers

Vulnerability testing specialists from the International Institute of Cyber Security (IICS) reported the finding of a modular and adaptable software variant with a wide variety of features designed to perform various cyber spying tasks. A group of researchers from a cybersecurity firm discovered this spyware, stating that the entire framework comprises not only the intrinsic […]

TA505 APT Hackers Launching ServHelper Backdoor Malware via Weaponized Excel Documents

The well-known and advanced threat actor group TA505 APT is distributing a new variant of the ServHelper malware via weaponized Excel 4.0 macros to open a backdoor and steal sensitive information from the infected system. TA505 threat actors are associated with various high-profile cyber attacks, including the infamous Dridex banking trojan and Locky ransomware, delivered through malicious email […]

Matebook, Huawei laptop, contains a backdoor-like vulnerability

The authors of the book ‘Learn ethical hacking’, along with specialists from the International Institute of Cyber Security (IICS), report the existence of a critical vulnerability in the Matebook laptop, developed by Huawei; according to the reports, this flaw could be exploited to take control of the compromised devices. The Chinese company has faced strong […]

ShadowHammer: ASUS software updates exploited to distribute malware

The victims of ShadowHammer malware attack are Windows users. Kaspersky Lab researchers have made a startling new revelation that the world’s leading computer maker ASUS’s live software update system was compromised by cybercriminals to install a backdoor, which affected ASUS customers. The attack occurred in 2018 and according to Kaspersky Lab, the attackers compromised the legitimate […]

ShadowHammer: Hackers Installed Backdoor On 1 Million ASUS Devices

Consumer technology vendors often advise their customers to install updates and patches only via the official channels to make sure that the integrity of the system is maintained. But what if your PC maker’s official update utility contains malware? That’s exactly what has happened to about 1 million owners of Asus computers. First reported […]

Build your own PHP Remote Backdoor

According to an ethical hacking researcher, a backdoor is malware used to break the authentication of a computer system. Nowadays, backdoor attacks against organizations are increasing. A backdoor takes the form of a hidden program. A backdoor can be designed and programmed easily, as was demonstrated in the ethical hacking course of the International Institute […]