The financially-motivated hacking group FIN6 is switching tactics, passing from PoS attacks to the hack of e-commerce websites. According to researchers at IBM X-Force Incident Response and Intelligence Services (IRIS), the financially-motivated hacking group FIN6 is switching tactics, passing from PoS attacks to the hack of e-commerce websites. FIN6 group has been active since 2015, […]
Security experts at FireEye observed Chinese APT41 APT group targeting a web server at a U.S.-based research university. Experts at FireEye observed Chinese APT41 APT group targeting a web server at a U.S.-based research university. The APT41 has been active since at least 2012, it was involved in both state-sponsored espionage campaigns and financially-motivated attacks […]
Webmin, the popular open-source web-based interface for Unix admin contained a remote code execution vulnerability for more than a year. Webmin is an open-source web-based interface for system administration for Linux and Unix. It allows users using web browsers to set up user accounts, Apache, DNS, file sharing and much more. News of the day […]
Apparently financially-motivated threat actors carried out a long-term campaign against the Balkans involving a backdoor and a RAT to compromise the targets. Security experts from ESET uncovered a long-running campaign carried out by a financially-motivated threat actor. The attackers combined a backdoor dubbed BalkanDoor and a remote access Trojan tracked as BalkanRAT to take control […]
The developer Tute Costa found a backdoor in the Ruby library during regular security audits before deploying his code in the production environment. The developer Tute Costa found a backdoor in the Ruby library during regular security audits. The dangerous code was used to check the password strength of user-chosen passwords when the library was being […]
Researchers at Network Security Research Lab of Qihoo 360 discovered a Lua-based backdoor dubbed Godlua that targets both Linux and Windows systems. The peculiarity of this new piece of malware is the ability to communicate with C2 servers via DNS over HTTPS (DoH). The DoH protocol was a new standard proposed in October 2018 and it is […]
The Platinum cyber espionage group uses steganographic technique to hide communications with the Command and Control Servers (C&C). Experts from Kaspersky have linked the Platinum APT group with cyber attacks involving an elaborate, and new steganographic technique used to hide communications with C2 servers. The APT group was discovered by Microsoft in 2016, it targeted organizations […]
Russia-linked APT group Turla has been using a sophisticated backdoor, dubbed LightNeuron, to hijack Microsoft Exchange mail servers. Russia-linked APT group Turla has been using a sophisticated backdoor, dubbed LightNeuron, to hijack Microsoft Exchange mail servers. Turla group (also known as Waterbug, Venomous Bear and KRYPTON) has been active since at least 2007 targeting government […]
Huawei made the headlines again, Vodafone identified backdoors in software that could have handed Huawei unauthorized access to the carrier’s fixed-line network. According to Bloomberg, Vodafone identified hidden backdoors in software that could have handed Huawei unauthorized access to the carrier’s fixed-line network in Italy used to connect to the internet. “Now Vodafone Group Plc […]
Experts at Kaspersky Lab linked the recent supply-chain attack targeted ASUS users to the “ShadowPad” threat actor and the CCleaner incident. Security researchers at Kaspersky Lab linked the recent supply-chain attack that hit ASUS users (tracked as Operation ShadowHammer) to the “ShadowPad” threat actor. Experts also linked the incident to the supply chain attack that […]