North Korea-linked Lazarus Group targeted employees of an unnamed nuclear-related organization in January 2024. Kaspersky researchers observed the North Korea-linked Lazarus Group targeting at least two employees associated with the same nuclear-related organization over the course of one month. The experts believe the attacks are part the cyber espionage campaign Operation Dream Job (aka NukeSped), […]
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Vishing via Microsoft Teams Facilitates DarkGate Malware Intrusion  Spyware distributed through Amazon Appstore BADBOX Botnet Is Back Supply Chain Attack on Rspack npm Packages Injects Cryptojacking Malware 4.5 Million (Suspected) Fake Stars in GitHub: A Growing […]
Experts uncovered a botnet of 190,000 Android devices infected by BadBox bot, primarily Yandex smart TVs and Hisense smartphones. Bitsight researchers uncovered new BADBOX infrastructure, company’s telemetry shows that over 192,000 devices were infected with the BADBOX bot. The botnet includes 160,000 previously unseen devices, notably Yandex 4K QLED Smart TVs and T963 Hisense Smartphones. Most […]
Romanian national was sentenced to 20 years in prison for his role in NetWalker ransomware attacks, pleading guilty to fraud charges in June. Romanian national Daniel Christian Hulea, 30, was sentenced to 20 years in prison for his role in NetWalker ransomware attacks. Hulea pleaded guilty to computer fraud conspiracy and wire fraud conspiracy on […]
Raccoon Infostealer operator Mark Sokolovsky was sentenced to 60 months in US prison and ordered to pay over $910,000 in restitution. The US Department of Justice sentenced the Ukrainian national Mark Sokolovsky (28) for his role in the distribution of the Raccoon Infostealer malware. “Ukrainian national Mark Sokolovsky was sentenced today to 60 months in […]
Juniper Networks warns that a Mirai botnet is targeting SSR devices with default passwords after unusual activity was reported on December 11, 2024. Juniper Networks is warning that a Mirai botnet is targeting Session Smart Router (SSR) products with default passwords. Multiple customers reported anomalous activity on their Session Smart Network (SSN) platforms on December […]
Texas Tech University reports a data breach affecting 1.4 million, exposing personal, health, and financial data from its health sciences centers. Texas Tech University disclosed a data breach that impacted over 1.4 million individuals following a cyber attack. The security breach exposed the personal, health, and financial data from its health sciences centers, the Health […]
The FBI warned of a fresh wave of HiatusRAT malware attacks targeting internet-facing Chinese-branded web cameras and DVRs. The Federal Bureau of Investigation (FBI) released a Private Industry Notification (PIN) to warn of HiatusRAT malware campaigns targeting Chinese-branded web cameras and DVRs. The report includes a set of recommendations to mitigate the exposure to the […]
Researchers warn of previously undetected surveillance spyware, named NoviSpy, that was found infecting a Serbian journalist’s phone. In February 2024, Serbian journalist SlaviĆĄa Milanov was summoned to a police station after a routine traffic stop. After the police released him, Milanov noticed suspicious changes to his phone settings, such as disabled data and Wi-Fi. Then […]
Researchers discovered PUMAKIT, a Linux rootkit capable of hiding files, escalating privileges, and evading system tools and detection. Elastic Security Lab researchers discovered a new loadable kernel module (LKM) rootkit called PUMAKIT that supports advanced evasion mechanisms. PUMAKIT features a multi-stage design including a dropper, memory-resident executables, and a rootkit. It leverages an LKM rootkit named […]