Cybersecurity researchers took the wraps off an ongoing surveillance campaign directed against Colombian government institutions and private companies in the energy and metallurgical industries. In a report published by ESET on Tuesday, the Slovak internet security company said the attacks — dubbed "Operation Spalax" — began in 2020, with the modus operandi sharing some … [Read more...] about Experts Uncover Malware Attacks Against Colombian Government and Companies
Malware
Experts Sound Alarm On New Android Malware Sold On Hacking Forums
Cybersecurity researchers have exposed the operations of an Android malware vendor who teamed up with a second threat actor to market and sell a remote access Trojan (RAT) capable of device takeover and exfiltration of photos, locations, contacts, and messages from popular apps such as Facebook, Instagram, WhatsApp, Skype, Telegram, Kik, Line, and Google Messages. The vendor, … [Read more...] about Experts Sound Alarm On New Android Malware Sold On Hacking Forums
A New SolarWinds Flaw Likely Had Let Hackers Install SUPERNOVA Malware
An authentication bypass vulnerability in the SolarWinds Orion software may have been leveraged by adversaries as zero-day to deploy the SUPERNOVA malware in target environments. According to an advisory published yesterday by the CERT Coordination Center, the SolarWinds Orion API that's used to interface with all other Orion system monitoring and management products suffers … [Read more...] about A New SolarWinds Flaw Likely Had Let Hackers Install SUPERNOVA Malware
How to Defend Against Malware, Phishing, and Scams During COVID-19 Crisis
As if the exponential rise in phishing scams and malware attacks in the last five years wasn't enough, the COVID-19 crisis has worsened it further. The current scenario has given a viable opportunity to cybercriminals to find a way to target individuals, small and large enterprises, government corporations. According to Interpol's COVID-19 Cybercrime Analysis Report, based on … [Read more...] about How to Defend Against Malware, Phishing, and Scams During COVID-19 Crisis
Watch Out! Adrozek Malware Hijacking Chrome, Firefox, Edge, Yandex Browsers
Microsoft on Thursday took the wraps off an ongoing campaign impacting popular web browsers that stealthily injects malware-infested ads into search results to earn money via affiliate advertising. "Adrozek," as it's called by the Microsoft 365 Defender Research Team, employs an "expansive, dynamic attacker infrastructure" consisting of 159 unique domains, each of which hosts … [Read more...] about Watch Out! Adrozek Malware Hijacking Chrome, Firefox, Edge, Yandex Browsers
Hackers-For-Hire Group Develops New ‘PowerPepper’ In-Memory Malware
Cybersecurity researchers on Thursday disclosed details of a previously undiscovered in-memory Windows backdoor developed by a hacker-for-hire operation that can execute remotely malicious code and steal sensitive information from its targets in Asia, Europe, and the US. Dubbed "PowerPepper" by Kaspersky researchers, the malware has been attributed to the DeathStalker group … [Read more...] about Hackers-For-Hire Group Develops New ‘PowerPepper’ In-Memory Malware
TrickBot Malware Gets UEFI/BIOS Bootkit Feature to Remain Undetected
TrickBot, one of the most notorious and adaptable malware botnets in the world, is expanding its toolset to set its sights on firmware vulnerabilities to potentially deploy bootkits and take complete control of an infected system. The new functionality, dubbed "TrickBoot" by Advanced Intelligence (AdvIntel) and Eclypsium, makes use of readily available tools to check devices … [Read more...] about TrickBot Malware Gets UEFI/BIOS Bootkit Feature to Remain Undetected
Experts Uncover ‘Crutch’ Russian Malware Used in APT Attacks for 5 Years
Cybersecurity researchers today took the wraps off a previously undocumented backdoor and document stealer that has been deployed against specific targets from 2015 to early 2020. Codenamed "Crutch" by ESET researchers, the malware has been attributed to Turla (aka Venomous Bear or Snake), a Russia-based advanced hacker group known for its extensive attacks against governments, … [Read more...] about Experts Uncover ‘Crutch’ Russian Malware Used in APT Attacks for 5 Years
Digitally Signed Bandook Malware Once Again Targets Multiple Sectors
A cyberespionage group with suspected ties to the Kazakh and Lebanese governments has unleashed a new wave of attacks against a multitude of industries with a retooled version of a 13-year-old backdoor Trojan. Check Point Research called out hackers affiliated with a group named Dark Caracal in a new report published yesterday for their efforts to deploy "dozens of digitally … [Read more...] about Digitally Signed Bandook Malware Once Again Targets Multiple Sectors
Malware disguised as Minecraft mods on Google Play
The first version of Minecraft was released way back in 2009, but the game remains incredibly popular to this day. That should come as no surprise; not only is it enormous fun, but it’s a platform for kids and adults alike to create their own worlds. Some even use it for urban planning — and some teachers use it in the classroom. Unfortunately, as with any successful project, … [Read more...] about Malware disguised as Minecraft mods on Google Play