Nov 08, 2023NewsroomSupply Chain / Software Security A new set of malicious Python packages has slithered their way to the Python Package Index (PyPI) repository with the ultimate aim of stealing sensitive information from compromised developer systems. The packages masquerade as seemingly innocuous obfuscation tools, but harbor a piece of malware called BlazeStealer, … [Read more...] about BlazeStealer Malware Discovered in Python Packages on PyPI
Malware
Malware, fake specs, and other problems with cheap Android devices
The temptation to save money when buying expensive devices is, well, tempting — gadgets from little-known brands can offer the same spec at a fraction of the price of more popular makes, while having an Android set-top box or Android TV can cut costs on a range of subscriptions. Unfortunately, cheap devices — much like a free lunch — often come with a catch, so it’s important … [Read more...] about Malware, fake specs, and other problems with cheap Android devices
New GootLoader Malware Variant Evades Detection and Spreads Rapidly
Nov 07, 2023NewsroomEndpoint Security / Malware A new variant of the GootLoader malware called GootBot has been found to facilitate lateral movement on compromised systems and evade detection. "The GootLoader group's introduction of their own custom bot into the late stages of their attack chain is an attempt to avoid detections when using off-the-shelf tools for C2 such as … [Read more...] about New GootLoader Malware Variant Evades Detection and Spreads Rapidly
StripedFly Malware Operated Unnoticed for 5 Years, Infecting 1 Million Devices
An advanced strain of malware masquerading as a cryptocurrency miner has managed to fly the radar for over five years, infecting no less than one million devices around the world in the process. That's according to findings from Kaspersky, which has codenamed the threat StripedFly, describing it as an "intricate modular framework that supports both Linux and Windows." The … [Read more...] about StripedFly Malware Operated Unnoticed for 5 Years, Infecting 1 Million Devices
Malicious NuGet Packages Caught Distributing SeroXen RAT Malware
Oct 31, 2023NewsroomSoftware Security / Malware Cybersecurity researchers have uncovered a new set of malicious packages published to the NuGet package manager using a lesser-known method for malware deployment. Software supply chain security firm ReversingLabs described the campaign as coordinated and ongoing since August 1, 2023, while linking it to a host of rogue NuGet … [Read more...] about Malicious NuGet Packages Caught Distributing SeroXen RAT Malware
Iranian APT Group OilRig Using New Menorah Malware for Covert Operations
Sep 30, 2023THNCyber Espionage / Malware Sophisticated cyber actors backed by Iran known as OilRig have been linked to a spear-phishing campaign that infects victims with a new strain of malware called Menorah. "The malware was designed for cyberespionage, capable of identifying the machine, reading and uploading files from the machine, and downloading another file or … [Read more...] about Iranian APT Group OilRig Using New Menorah Malware for Covert Operations
New Advanced Backdoor with Distinctive Malware Tactics
Sep 23, 2023THNCyber Espionage / Malware Cybersecurity researchers have discovered a previously undocumented advanced backdoor dubbed Deadglyph employed by a threat actor known as Stealth Falcon as part of a cyber espionage campaign. "Deadglyph's architecture is unusual as it consists of cooperating components – one a native x64 binary, the other a .NET assembly," ESET said … [Read more...] about New Advanced Backdoor with Distinctive Malware Tactics
Protecting Your Microsoft IIS Servers Against Malware Attacks
Microsoft Internet Information Services (IIS) is a web server software package designed for Windows Server. Organizations commonly use Microsoft IIS servers to host websites, files, and other content on the web. Threat actors increasingly target these Internet-facing resources as low-hanging fruit for finding and exploiting vulnerabilities that facilitate access to IT … [Read more...] about Protecting Your Microsoft IIS Servers Against Malware Attacks
New Python Variant of Chaes Malware Targets Banking and Logistics Industries
Sep 05, 2023THNCyber Threat / Malware Banking and logistics industries are under the onslaught of a reworked variant of a malware called Chaes. "It has undergone major overhauls: from being rewritten entirely in Python, which resulted in lower detection rates by traditional defense systems, to a comprehensive redesign and an enhanced communication protocol," Morphisec said in … [Read more...] about New Python Variant of Chaes Malware Targets Banking and Logistics Industries
Russian State-Backed ‘Infamous Chisel’ Android Malware Targets Ukrainian Military
Cybersecurity and intelligence agencies from Australia, Canada, New Zealand, the U.K., and the U.S. on Thursday disclosed details of a mobile malware strain targeting Android devices used by the Ukrainian military. The malicious software, dubbed Infamous Chisel and attributed to a Russian state-sponsored actor called Sandworm, has capabilities to "enable unauthorized access to … [Read more...] about Russian State-Backed ‘Infamous Chisel’ Android Malware Targets Ukrainian Military