The Iran-linked APT33 group continues to be very active, security researchers at Cyberbit have discovered an Early Bird code injection technique used by the group. The Early Bird method was used to inject the TurnedUp malware into the infected systems evading security solutions. The technique allows injecting a malicious code into a legitimate process, it allows execution […]
Microsoft Office documents created with the exploit builder kit dubbed ThreadKit now include the code for CVE-2018-4878 flaw exploitation. At the end of March, security experts at Proofpoint discovered a Microsoft Office document exploit builder kit dubbed ThreadKit that has been used to spread a variety of malware, including banking Trojans and RATs (i.e. Trickbot, Chthonic, FormBook and Loki Bot). […]
Researchers at FireEye have spotted a hacking campaign leveraging compromised websites to spread fake updates for popular software that were also used to deliver the NetSupport Manager RAT. NetSupport is an off-the-shelf RAT that could be used by system admins for remote administration of computers. In the past, crooks abuse this legitimate application to deploy malware on victim’s […]
A new variant of the infamous Agent Tesla spyware was spotted by experts at Fortinet, the malware has been spreading via weaponize Microsoft Word documents. Agent Tesla is a spyware that is used to spy on the victims by collecting keystrokes, system clipboard, screenshots, and credentials from the infected system. To do this, the spyware […]
Early this year at least three European financial institutions were hit by DDoS attacks powered by a new variant of the Mirai botnet. A variant of the Mirai botnet, composed at lease of 13,000 compromised IoT devices was used to launch a series of DDoS attacks against financial sector businesses. The DDoS attacks peaked at up […]
VirusTotal announced on Thursday the launch of a new Android sandbox, named Droidy sandbox, that will replace the previous one that was designed in 2013. “Recently we called out Additional crispinness on the MacOS box of apples sandbox, continuing with our effort to improve our malware behavior analysis infrastructure we are happy to announce […]
Security experts at Trend Micro have discovered a new macOS backdoor that they linked to the APT 32 (OceanLotus, APT-C-00, SeaLotus, and Cobalt Kitty) cyber espionage group. The APT32 group has been active since at least 2013, according to the experts it is a state-sponsored hacking group. The hackers hit organizations across multiple industries and have also targeted foreign […]
The North Korea-linked APT group known as Lazarus made the headlines again for attacking an online casino in Central America and other targets. The activity of the Lazarus Group (aka Hidden Cobra) surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks and experts that investigated on the crew consider it highly sophisticated. […]
Security researchers discovered a new Android Remote Access Trojan (RAT) dubbed KevDroid that can steal private data and record phone calls. Security researchers at South Korean cybersecurity firm ESTsecurity have discovered a new strain of Android Trojan KevDroid that is being distributed disguised as a fake anti-virus application, dubbed “Naver Defender.” “Spear phishing attacks targeting Android […]
Researchers at Trend Micro recently discovered a new strain of Android miner dubbed ANDROIDOS HIDDENMINER that can brick infected devices Crooks are looking with increasing interest cryptocurrency mining malware developed for mobile devices. Researchers at Trend Micro recently discovered a new strain of Android malware dubbed ANDROIDOS HIDDENMINER that abuse device CPU to mine Monero cryptocurrency. HiddenMiner […]