An advanced persistent threat (APT) actor codenamed ToddyCat has been linked to a string of attacks aimed at high-profile entities in Europe and Asia since at least December 2020. The relatively new adversarial collective is said to have commenced its operations by targeting Microsoft Exchange servers in Taiwan and Vietnam using an unknown exploit to deploy the China Chopper … [Read more...] about New ToddyCat Hacker Group on Experts’ Radar After Targeting MS Exchange Servers
Targeting
A New Golang-based Peer-To-Peer Botnet Targeting Linux Servers
A new Golang-based peer-to-peer (P2P) botnet has been spotted actively targeting Linux servers in the education sector since its emergence in March 2022. Dubbed Panchan by Akamai Security Research, the malware "utilizes its built-in concurrency features to maximize spreadability and execute malware modules" and "harvests SSH keys to perform lateral movement." The … [Read more...] about A New Golang-based Peer-To-Peer Botnet Targeting Linux Servers
A Stealthy Linux Malware Targeting Latin American Financial Sector
Cybersecurity researchers have taken the wraps off what they call a "nearly-impossible-to-detect" Linux malware that could be weaponized to backdoor infected systems. Dubbed Symbiote by threat intelligence firms BlackBerry and Intezer, the stealthy malware is so named for its ability to conceal itself within running processes and network traffic and drain a victim's resources … [Read more...] about A Stealthy Linux Malware Targeting Latin American Financial Sector
10 Most Prolific Banking Trojans Targeting Hundreds of Financial Apps with Over a Billion Users
10 of the most prolific mobile banking trojans have set their eyes on 639 financial applications that are available on the Google Play Store and have been cumulatively downloaded over 1.01 billion times. Some of the most targeted apps include Walmart-backed PhonePe, Binance, Cash App, Garanti BBVA Mobile, La Banque Postale, Ma Banque, Caf - Mon Compte, Postepay, and BBVA … [Read more...] about 10 Most Prolific Banking Trojans Targeting Hundreds of Financial Apps with Over a Billion Users
Russian Hackers Targeting Diplomatic Entities in Europe, Americas, and Asia
A Russian state-sponsored threat actor has been observed targeting diplomatic and government entities as part of a series of phishing campaigns commencing on January 17, 2022. Threat intelligence and incident response firm Mandiant attributed the attacks to a hacking group tracked as APT29 (aka Cozy Bear), with some set of the activities associated with the crew assigned the … [Read more...] about Russian Hackers Targeting Diplomatic Entities in Europe, Americas, and Asia
U.S. Warns of APT Hackers Targeting ICS/SCADA Systems with Specialized Malware
The U.S. government on Wednesday warned of nation-state actors deploying specialized malware to maintain access to industrial control systems (ICS) and supervisory control and data acquisition (SCADA) devices. "The APT actors have developed custom-made tools for targeting ICS/SCADA devices," multiple U.S. agencies said in an alert. "The tools enable them to scan for, … [Read more...] about U.S. Warns of APT Hackers Targeting ICS/SCADA Systems with Specialized Malware
Researchers warn of FFDroider and Lightning info-stealers targeting users in the wild
Cybersecurity researchers are warning of two different information-stealing malware, named FFDroider and Lightning Stealer, that are capable of siphoning data and launching further attacks. "Designed to send stolen credentials and cookies to a Command & Control server, FFDroider disguises itself on victim's machines to look like the instant messaging application … [Read more...] about Researchers warn of FFDroider and Lightning info-stealers targeting users in the wild
First Malware Targeting AWS Lambda Serverless Platform Discovered
A first-of-its-kind malware targeting Amazon Web Services' (AWS) Lambda serverless computing platform has been discovered in the wild. Dubbed "Denonia" after the name of the domain it communicates with, "the malware uses newer address resolution techniques for command and control traffic to evade typical detection measures and virtual network access controls," Cado Labs … [Read more...] about First Malware Targeting AWS Lambda Serverless Platform Discovered
Another Chinese Hacking Group Spotted Targeting Ukraine Amid Russia Invasion
A Chinese-speaking threat actor called Scarab has been linked to a custom backdoor dubbed HeaderTip as part of a campaign targeting Ukraine since Russia embarked on an invasion last month, making it the second China-based hacking group after Mustang Panda to capitalize on the conflict. "The malicious activity represents one of the first public examples of a Chinese threat actor … [Read more...] about Another Chinese Hacking Group Spotted Targeting Ukraine Amid Russia Invasion
New Variant of Russian Cyclops Blink Botnet Targeting ASUS Routers
ASUS routers have emerged as the target of a nascent botnet called Cyclops Blink, almost a month after it was revealed the malware abused WatchGuard firewall appliances as a stepping stone to gain remote access to breached networks. According to a new report published by Trend Micro, the botnet's "main purpose is to build an infrastructure for further attacks on high-value … [Read more...] about New Variant of Russian Cyclops Blink Botnet Targeting ASUS Routers