Jul 23, 2024NewsroomCyber Espionage / Chinese Hackers Organizations in Taiwan and a U.S. non-governmental organization (NGO) based in China have been targeted by a Beijing-affiliated state-sponsored hacking group called Daggerfly using an upgraded set of malware tools. The campaign is a sign that the group "also engages in internal espionage," Symantec's Threat Hunter Team, … [Read more...] about Chinese Hackers Target Taiwan and US NGO with MgBot Malware
Malware
Cybercriminals Exploit CrowdStrike Update Mishap to Distribute Remcos RAT Malware
Jul 20, 2024NewsroomMalware / IT Outage Cybersecurity firm CrowdStrike, which is facing the heat for causing worldwide IT disruptions by pushing out a flawed update to Windows devices, is now warning that threat actors are exploiting the situation to distribute Remcos RAT to its customers in Latin America under the guise of a providing a hotfix. The attack chains involve … [Read more...] about Cybercriminals Exploit CrowdStrike Update Mishap to Distribute Remcos RAT Malware
North Korean Hackers Update BeaverTail Malware to Target MacOS Users
Jul 17, 2024NewsroomCyber Espionage / Cryptocurrency Cybersecurity researchers have discovered an updated variant of a known stealer malware that attackers affiliated with the Democratic People's Republic of Korea (DPRK) have delivered as part of prior cyber espionage campaigns targeting job seekers. The artifact in question is an Apple macOS disk image (DMG) file named … [Read more...] about North Korean Hackers Update BeaverTail Malware to Target MacOS Users
DarkGate Malware Exploits Samba File Shares in Short-Lived Campaign
Jul 12, 2024NewsroomMalware / Cyber Attack Cybersecurity researchers have shed light on a short-lived DarkGate malware campaign that leveraged Samba file shares to initiate the infections. Palo Alto Networks Unit 42 said the activity spanned the months of March and April 2024, with the infection chains using servers running public-facing Samba file shares hosting Visual Basic … [Read more...] about DarkGate Malware Exploits Samba File Shares in Short-Lived Campaign
More_eggs Malware Disguised as Resumes Targets Recruiters in Phishing Attack
Jun 10, 2024NewsroomPhishing Attack / Cybercrime Cybersecurity researchers have spotted a phishing attack distributing the More_eggs malware by masquerading it as a resume, a technique originally detected more than two years ago. The attack, which was unsuccessful, targeted an unnamed company in the industrial services industry in May 2024, Canadian cybersecurity firm … [Read more...] about More_eggs Malware Disguised as Resumes Targets Recruiters in Phishing Attack
FlyingYeti Exploits WinRAR Vulnerability to Deliver COOKBOX Malware in Ukraine
May 30, 2024NewsroomCyber Attack / Malware Cloudflare on Thursday said it took steps to disrupt a month-long phishing campaign orchestrated by a Russia-aligned threat actor called FlyingYeti targeting Ukraine. "The FlyingYeti campaign capitalized on anxiety over the potential loss of access to housing and utilities by enticing targets to open malicious files via debt-themed … [Read more...] about FlyingYeti Exploits WinRAR Vulnerability to Deliver COOKBOX Malware in Ukraine
These Fake Antivirus Sites Spreading Android and Windows Malware
May 24, 2024NewsroomMalvertising / Endpoint Security Threat actors have been observed making use of fake websites masquerading as legitimate antivirus solutions from Avast, Bitdefender, and Malwarebytes to propagate malware capable of stealing sensitive information from Android and Windows devices. "Hosting malicious software through sites which look legitimate is predatory … [Read more...] about These Fake Antivirus Sites Spreading Android and Windows Malware
North Korean Hackers Deploy New Golang Malware ‘Durian’ Against Crypto Firms
May 10, 2024NewsroomMalware / Cyber Espionage The North Korean threat actor tracked as Kimsuky has been observed deploying a previously undocumented Golang-based malware dubbed Durian as part of highly-targeted cyber attacks aimed at two South Korean cryptocurrency firms. "Durian boasts comprehensive backdoor functionality, enabling the execution of delivered commands, … [Read more...] about North Korean Hackers Deploy New Golang Malware ‘Durian’ Against Crypto Firms
Kremlin-Backed APT28 Targets Polish Institutions in Large-Scale Malware Campaign
May 09, 2024NewsroomMobile Security / Cyber Attack Polish government institutions have been targeted as part of a large-scale malware campaign orchestrated by a Russia-linked nation-state actor called APT28. "The campaign sent emails with content intended to arouse the recipient's interest and persuade him to click on the link," the computer emergency response team, CERT … [Read more...] about Kremlin-Backed APT28 Targets Polish Institutions in Large-Scale Malware Campaign
How to protect yourself from phishing and malware on GitHub and GitLab
One of the oldest security tips is: “Only download software from official sources”. “Official sources” are usually the main app stores on each platform, but for millions of useful and free open-source apps, the most “official” source is the developer’s repository on a dedicated site such as GitHub or GitLab. There, you can find the project’s source code, fixes and additions to … [Read more...] about How to protect yourself from phishing and malware on GitHub and GitLab