Browsing tag
“…well, of course!” is what you might think. It’s a biological threat, so how could it affect digital assets? But hang on. Among other effects, this pandemic has brought about a massive shift in several technological areas. Not only did it force numerous organizations – that up to now were reluctant – to gear up […]
Networking equipment maker Cisco Systems has rolled out patches to address three critical security vulnerabilities in its IOS XE network operating system that remote attackers could potentially abuse to execute arbitrary code with administrative privileges and trigger a denial-of-service (DoS) condition on vulnerable devices. The list of three flaws is as follows – CVE-2021-34770 (CVSS […]
The U.S. is presently combating two pandemics–coronavirus and ransomware attacks. Both have partially shut down parts of the economy. However, in the case of cybersecurity, lax security measures allow hackers to have an easy way to rake in millions. It’s pretty simple for hackers to gain financially, using malicious software to access and encrypt data […]
An unidentified threat actor has been exploiting a now-patched zero-day flaw in Internet Explorer browser to deliver a fully-featured VBA-based remote access trojan (RAT) capable of accessing files stored in compromised Windows systems, and downloading and executing malicious payloads as part of an “unusual” campaign. The backdoor is distributed via a decoy document named “Manifest.docx” […]
Cybersecurity researchers have opened the lid on the continued resurgence of the insidious Trickbot malware, making it clear that the Russia-based transnational cybercrime group is working behind the scenes to revamp its attack infrastructure in response to recent counter efforts from law enforcement. “The new capabilities discovered are used to monitor and gather intelligence on […]
Cybersecurity researchers have uncovered an ongoing malware campaign that heavily relies on AutoHotkey (AHK) scripting language to deliver multiple remote access trojans (RAT) such as Revenge RAT, LimeRAT, AsyncRAT, Houdini, and Vjw0rm on target Windows systems. At least four different versions of the campaign have been spotted starting February 2021, according to researchers from Morphisec […]
Recently one of the most dangerous ransomware, WastedLocker, owes its success to a unique bypass mechanism for security solutions and tools that block ransomware. Initially, WastedLocker appeared this year in May, and it’s a part of the arsenal of the famous cybercriminal group Evil Corp, which is also known as Dridex. It was used in […]
Cognizant Technology Solutions Corp, one of the largest IT services providers hit by Maze Ransomware Cyber Attack which causes service disruptions to its clients. The company has more than 300,000 employees and it provides IT services, including digital, technology, consulting, and operations services. Maze Ransomware Attack – Cognizant The company started emailing their client on […]
A new malware campaign dubbed “RevengeHotels” targeting hotels, hostels, hospitality, and tourism companies worldwide aimed to steal credit card data of users and Travelers from hotel management systems. The campaign uses email as the main attack vector to deliver malware via weaponized Word, Excel or PDF documents. In some cases, it exploits patched Remote Code […]
A new malware strain dubbed Dexphot attacking windows computers to mine cryptocurrency, monitoring services, and scheduled tasks to rerun the infection if windows defender removed it. The malware uses filess techniques it gets malicious codes executed directly in memory and also it hijacks the legitimate process to hide the malicious activity. Microsoft closely tracked the […]
RIPlace a new evasion technique that allows threat actors to encrypt files on Windows-based computers without being detected by anti-ransomware products. Nyotron’s Security researchers discovered a new technique that leverages Microsoft Windows file system rename operations to stay undetected from security products, RIPlace Evasion Technique Attackers can use this RIPlace method to alter any files […]
Malware authors continue to trick users abusing legitimate services, one recent example of this is the new campaign of Raccoon information-stealing malware. The Raccoon Stealer Malware is written in C++ by Russian-speaking developers and it developed to compromise both 32 and 64-bit operating systems. It was sold on underground forums in both Russian and English […]
A new malicious downloader dubbed “DePriMon” registers itself as fake Windows Default Print Monitor to achieve persistence and to execute commands as a SYSTEM user. The DePriMon malware found to be active at least from March 2017, it was detected first in a private company based in Central Europe. It is well-written malware and the […]
Researchers discovered a new malware campaign that drops two different Remote Access Trojan(RAT) on targeted Windows systems and steal sensitive information from popular browsers such as Chrome and Firefox. The samples that uncovered by Fortinet researchers drop the RevengeRAT and WSHRAT malware and it has various obfuscation functionalities that use the various stage to maintain […]
Researchers discovered a new PureLocker Ransomware that capable of encrypting files in Windows, Linux, and macOS. The ransomware used by threat actors to perform a targeted attack against production servers of the enterprise networks. Code reuse analysis against Purelocker reveals that the ransomware related to the “more_eggs”, a backdoor malware often used by Cobalt Gang, FIN6 […]
The ransomware evolution re-shaping the cyber domain, starting from 2019 the ransomware attacks against high-profile public and corporate networks by making criminal alliances. In 2018, threat actors behind GandCrab ransomware launched their Ransomware-as-a-Service which shifts the paradigm and turns the ransomware a full-fledged business with Branding, marketing, outreach. Threat Actor Group Truniger Truniger also known […]
Malware delivery trends change every day. For the last few years, we have observed various hacker groups like ( APT12 to Turla ) uses various techniques to deliver malware on the system or network. One of the best technique hackers groups used is to write malicious code and obfuscate it and embed with Office documents […]
Security researchers spotted the first mass cyberattack campaign exploiting BlueKeep RDP Flaw to install a cryptocurrency miner on the vulnerable installations. Bluekeep(CVE-2019-0708) is a wormable critical RCE vulnerability in Remote desktop services that let hackers access the vulnerable machine without authentication. As vulnerability is wormable, it could rapidly compromise millions of machines in a short […]
A new malware dubbed “Messagetap” designed to monitor and record SMS traffic of certain phone numbers, IMSI numbers, and based on keywords for subsequent theft. The new malware was developed by the Chinese APT41 hacker group to deploy in the telecommunications network. The malware was discovered by FireEye during an investigation at a telecommunications network […]
For PC manufacturing and silicon partners, Microsoft is collaborating to develop computers with a stable firmware layer. The project aims to counter threats targeting firmware and operating systems with the help of Secured-Core PCs, computers that apply best practice for protection to firmware. Such tools, explains the technology giant, are tailored for sectors such as […]
Researchers discovered a new malware campaign from the Winnti threat group that utilizes the supply-chain attacks with a new set of artifacts to inject a sophisticated backdoor in windows computers. Winnti group activities are being monitored since 2013, since then it continuously targeting various private sectors including Aviation, Gaming, Pharmaceuticals, Software development, Telecommunication and Technology that […]