Mar 24, 2024NewsroomArtificial Intelligence / Cyber Espionage The North Korea-linked threat actor known as Kimsuky (aka Black Banshee, Emerald Sleet, or Springtail) has been observed shifting its tactics, leveraging Compiled HTML Help (CHM) files as vectors to deliver malware for harvesting sensitive data. Kimsuky, active since at least 2012, is known to target entities … [Read more...] about N. Korea-linked Kimsuky Shifts to Compiled HTML Help Files in Ongoing Cyberattacks
Ongoing
W4SP Stealer Constantly Targeting Python Developers in Ongoing Supply Chain Attack
An ongoing supply chain attack has been leveraging malicious Python packages to distribute malware called W4SP Stealer, with over hundreds of victims ensnared to date. "The threat actor is still active and is releasing more malicious packages," Checkmarx researcher Jossef Harush said in a technical write-up, calling the adversary WASP. "The attack seems related to cybercrime as … [Read more...] about W4SP Stealer Constantly Targeting Python Developers in Ongoing Supply Chain Attack
OverWatch Uncovers Ongoing NIGHT SPIDER Zloader Campaign
Over recent months, the CrowdStrike Falcon OverWatch™ team has tracked an ongoing, widespread intrusion campaign leveraging bundled .msi installers to trick victims into downloading malicious payloads alongside legitimate software. These payloads and scripts were used to perform reconnaissance and ultimately download and execute NIGHT SPIDER’s Zloader trojan, as detailed in … [Read more...] about OverWatch Uncovers Ongoing NIGHT SPIDER Zloader Campaign
Ongoing Autom Cryptomining Malware Attacks Using Upgraded Evasion Tactics
An ongoing crypto mining campaign has upgraded its arsenal while adding new defense evasion tactics that enable the threat actors to conceal the intrusions and fly under the radar, new research published today has revealed. Since first detected in 2019, a total of 84 attacks against its honeypot servers have been recorded to date, four of which transpired in 2021, according to … [Read more...] about Ongoing Autom Cryptomining Malware Attacks Using Upgraded Evasion Tactics
New Evidence Proves Ongoing WIZARD/LUNAR SPIDER Collaboration
On March 17, 2019, CrowdStrike® Intelligence observed the use of a new BokBot (developed and operated by LUNAR SPIDER) proxy module in conjunction with TrickBot (developed and operated by WIZARD SPIDER), which may provide WIZARD SPIDER with additional tools to steal sensitive information and conduct fraudulent wire transfers. This activity also provides further evidence to … [Read more...] about New Evidence Proves Ongoing WIZARD/LUNAR SPIDER Collaboration
Firefox Releases Critical Patch Update to Stop Ongoing Zero-Day Attacks
If you use the Firefox web browser, you need to update it right now.Mozilla earlier today released Firefox 67.0.3 and Firefox ESR 60.7.1 versions to patch a critical zero-day vulnerability in the browsing software that hackers have been found exploiting in the wild.Discovered and reported by Samuel Groß, a cybersecurity researcher at Google Project Zero, the vulnerability could … [Read more...] about Firefox Releases Critical Patch Update to Stop Ongoing Zero-Day Attacks
Ongoing Attack Stealing Credit Cards From Over A Hundred Shopping Sites
Researchers from Chinese cybersecurity firm Qihoo 360's NetLab have revealed details of an ongoing credit card hacking campaign that is currently stealing payment card information of customers visiting more than 105 e-commerce websites.While monitoring a malicious domain, www.magento-analytics[.]com, for over last seven months, researchers found that the attackers have been … [Read more...] about Ongoing Attack Stealing Credit Cards From Over A Hundred Shopping Sites