Feb 21, 2025Ravie LakshmananData Protection / Encryption Apple is removing its Advanced Data Protection (ADP) feature for iCloud from the United Kingdom with immediate effect following government demands for backdoor access to encrypted user data. The development was first reported by Bloomberg. ADP for iCloud is an optional setting that ensures that users' trusted devices … [Read more...] about Apple Drops iCloud’s Advanced Data Protection in the U.K. Amid Encryption Backdoor Demands
backdoor
CISA and FDA Warn of Critical Backdoor in Contec CMS8000 Patient Monitors
Jan 31, 2025Ravie LakshmananVulnerability / Healthcare The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Food and Drug Administration (FDA) have issued alerts about the presence of hidden functionality in Contec CMS8000 patient monitors and Epsimed MN-120 patient monitors. The vulnerability, tracked as CVE-2025-0626, carries a CVSS v4 score of 7.7 on a … [Read more...] about CISA and FDA Warn of Critical Backdoor in Contec CMS8000 Patient Monitors
PureCrypter Deploys Agent Tesla and New TorNet Backdoor in Ongoing Cyberattacks
Jan 28, 2025Ravie LakshmananPhishing Attack / Network Security A financially motivated threat actor has been linked to an ongoing phishing email campaign that has been ongoing since at least July 2024 specifically targeting users in Poland and Germany. The attacks have led to the deployment of various payloads, such as Agent Tesla, Snake Keylogger, and a previously … [Read more...] about PureCrypter Deploys Agent Tesla and New TorNet Backdoor in Ongoing Cyberattacks
Thai Officials Targeted in Yokai Backdoor Campaign Using DLL Side-Loading Techniques
Dec 14, 2024Ravie LakshmananMalware / Cyber Threat Thai government officials have emerged as the target of a new campaign that leverages a technique called DLL side-loading to deliver a previously undocumented backdoor dubbed Yokai. "The target of the threat actors were Thailand officials based on the nature of the lures," Nikhil Hegde, senior engineer for Netskope's Security … [Read more...] about Thai Officials Targeted in Yokai Backdoor Campaign Using DLL Side-Loading Techniques
Secret Blizzard Deploys Kazuar Backdoor in Ukraine Using Amadey Malware-as-a-Service
Dec 11, 2024Ravie LakshmananMalware / Cyber Espionage The Russian nation-state actor tracked as Secret Blizzard has been observed leveraging malware associated with other threat actors to deploy a known backdoor called Kazuar on target devices located in Ukraine. The new findings come from the Microsoft threat intelligence team, which said it observed the adversary leveraging … [Read more...] about Secret Blizzard Deploys Kazuar Backdoor in Ukraine Using Amadey Malware-as-a-Service
macOS Version of HZ RAT Backdoor Targets Chinese Messaging App Users
Aug 27, 2024Ravie LakshmananCyber Espionage / Malware Users of Chinese instant messaging apps like DingTalk and WeChat are the target of an Apple macOS version of a backdoor named HZ RAT. The artifacts "almost exactly replicate the functionality of the Windows version of the backdoor and differ only in the payload, which is received in the form of shell scripts from the … [Read more...] about macOS Version of HZ RAT Backdoor Targets Chinese Messaging App Users
Hardware Backdoor Discovered in RFID Cards Used in Hotels and Offices Worldwide
Aug 22, 2024Ravie LakshmananHardware Security / Supply Chain Attack Cybersecurity researchers have uncovered a hardware backdoor within a particular model of MIFARE Classic contactless cards that could allow authentication with an unknown key and open hotel rooms and office doors. The attacks have been demonstrated against FM11RF08S, a new variant of MIFARE Classic that was … [Read more...] about Hardware Backdoor Discovered in RFID Cards Used in Hotels and Offices Worldwide
Hackers Exploit PHP Vulnerability to Deploy Stealthy Msupedge Backdoor
Aug 20, 2024Ravie LakshmananVulnerability / Threat Intelligence A previously undocumented backdoor named Msupedge has been put to use against a cyber attack targeting an unnamed university in Taiwan. "The most notable feature of this backdoor is that it communicates with a command-and-control (C&C) server via DNS traffic," the Symantec Threat Hunter Team, part of … [Read more...] about Hackers Exploit PHP Vulnerability to Deploy Stealthy Msupedge Backdoor
ExCobalt Cyber Gang Targets Russian Sectors with New GoRed Backdoor
Jun 22, 2024NewsroomCyber Espionage / Threat Intelligence Russian organizations have been targeted by a cybercrime gang called ExCobalt using a previously unknown Golang-based backdoor known as GoRed. "ExCobalt focuses on cyber espionage and includes several members active since at least 2016 and presumably once part of the notorious Cobalt Gang," Positive Technologies … [Read more...] about ExCobalt Cyber Gang Targets Russian Sectors with New GoRed Backdoor
Russian APT Deploys New ‘Kapeka’ Backdoor in Eastern European Attacks
Apr 17, 2024NewsroomRansomware / Cyber Espionage A previously undocumented "flexible" backdoor called Kapeka has been "sporadically" observed in cyber attacks targeting Eastern Europe, including Estonia and Ukraine, since at least mid-2022. The findings come from Finnish cybersecurity firm WithSecure, which attributed the malware to the Russia-linked advanced persistent … [Read more...] about Russian APT Deploys New ‘Kapeka’ Backdoor in Eastern European Attacks