Experts at Akamai have identified a running Fast Flux botnet composed of over 14,000 compromised systems used to spread malware. Experts at Akamai have identified a running botnet of over 14,000 compromised systems used to spread malware. The botmasters implemented a technique dubbed Fast Flux to make the infrastructure hard to take down. Treat actors […]
Equifax service set up for obtaining free and discounted credit reports had been redirecting users to websites offering a fake Flash Player installer. The independent security analyst Randy Abrams discovered an Equifax service set up for obtaining free and discounted credit reports had been redirecting users to websites offering a fake Flash Player installer. âAs I […]
Security researchers from Kaspersky Lab have discovered a new strain of ATM malware dubbed ATMii that could be used to empty an ATM. Security researchers from Kaspersky Lab have discovered a new strain of ATM malware dubbed ATMii. The ATMii malware was discovered in April this year, it implements an injector module (exe.exe) and the module to be injected (dll.dll). Crooks can […]
Crooks are spreading the FormBook malware to target aerospace firms, defense contractors and some manufacturing organizations in the US and South Korea. According to researchers at FireEye, FormBook was spotted in several high-volume distribution campaigns targeting aim at Aerospace, Defense Contractor, and Manufacturing industries. The phishing emails that targeted US entities contain PDF, DOC or […]
Security experts from Proofpoint have uncovered a malvertising actor named KovCoreG group that is spreading the Kovter malware via fake browser and Flash updates. Security researchers from Proofpoint have uncovered a malvertising group dubbed KovCoreG that is spreading the Kovter malware via fake browser and Flash updates. The Kovter malware is used in Ad fraud campaigns, victims were infected by simply clicking […]
Russian hackers allegedly exploited Kaspersky AV to hack into NSA contractor and steal the NSA exploit code. It complicates Kaspersky’s position. Anonymous sources have claimed Russian intelligence extracted NSA exploits from a US government contractor’s home PC using Kaspersky Lab software. Sources told the Wall Street Journal that a malicious code allowed cyber spies to exfiltrate classified code, […]
Security researchers with Trend Micro discovered a backdoor dubbed SYSCON that uses an FTP server for command and control (C&C) purposes. The SYSCON backdoor is spreading through tainted documents that refer North Korea and target individuals connected to the Red Cross and the World Health Organization. The use of an FTP server as C&C is uncommon for […]
The CSE CybSec Z-Lab Malware Lab analyzed the Hospitality malware used by the Russian APT28 group to target hotels in several European countries. The Russian hacker group APT28, also known as Sofacy or Fancy Bear, is believed to be behind a series of attacks in last July against travelers staying in hotels in Europe and Middle […]
Researchers from security firm Intezer speculate that the attack was powered by nation-state actor, likely the Chinese APT17 group. Security experts continue to investigate the recent attack against the supply chain of the popular software CCleaner. The hackers first compromised in July a CCleaner server, then exploited it to deliver a backdoored version of the 32-bit CCleaner […]
Experts from Sucuri discovered crooks are spreading a fake WordPress plugin dubbed X-WP-SPAM-SHIELD-PRO containing a backdoor. A fake WordPress plugin dubbed X-WP-SPAM-SHIELD-PRO containing a backdoor was spread by crooks abusing the popularity of WP-SpamShield Anti-Spam, a WordPress antispam tool. The WP-SpamShield Anti-Spam plugin has over 100,000 installs for this reason attackers decided to abuse it. Researchers with Sucuri that discovered that […]