malware

Pierluigi Paganini October 15, 2024
A new Linux variant of FASTCash malware targets financial systems

North Korea-linked actors deploy a new Linux variant of FASTCash malware to target financial systems, researcher HaxRob revealed. The cybersecurity researcher HaxRob analyzed a new variant of the FASTCash “payment switch” malware which targets Linux systems. The variant discovered by the researcher was previously unknown and targets Ubuntu 22.04 LTS distributions. In November 2018, Symantec […]

Pierluigi Paganini October 13, 2024
Security Affairs newsletter Round 493 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. A cyber attack hit Iranian government sites and nuclear facilities Ransomware operators exploited Veeam Backup & Replication flaw […]

Pierluigi Paganini October 12, 2024
Ransomware operators exploited Veeam Backup & Replication flaw CVE-2024-40711 in recent attacks

Sophos reports ransomware operators are exploiting a critical code execution flaw in Veeam Backup & Replication. Sophos researchers warn that ransomware operators are exploiting the critical vulnerability CVE-2024-40711 in Veeam Backup & Replication to create rogue accounts and deploy malware. In early September 2024, Veeam released security updates to address multiple vulnerabilities impacting its products, […]

Pierluigi Paganini October 11, 2024
Iran and China-linked actors used ChatGPT for preparing attacks

OpenAI disrupted 20 cyber and influence operations in 2023, revealing Iran and China-linked actors used ChatGPT for planning ICS attacks. OpenAI announced the disruption of over 20 cyber and influence operations this year, involving Iranian and Chinese state-sponsored hackers. The company uncovered the activities of three threat actors abusing ChatGPT to launch cyberattacks. One of […]

Pierluigi Paganini October 10, 2024
E-skimming campaign uses Unicode obfuscation to hide the Mongolian Skimmer

Jscrambler researchers found a skimming campaign using unique JavaScript obfuscation with accented characters to hide a skimmer named Mongolian Skimmer. Jscrambler researchers uncovered a skimming campaign using unique JavaScript obfuscation with accented characters to hide a skimmer dubbed ‘Mongolian Skimmer.’ The attackers used unusual Unicode characters for variables and function names. The skimmer was named […]

Pierluigi Paganini October 09, 2024
Awaken Likho APT group targets Russian government with a new implant

A threat actor tracked as Awaken Likho is targeting Russian government agencies and industrial entities, reported cybersecurity firm Kaspersky. A recent investigation by Kaspersky researchers into the APT group Awaken Likho (aka Core Werewolf and PseudoGamaredon) uncovered a new campaign from June to August 2024, showing a shift from UltraVNC to the MeshCentral platform for […]

Pierluigi Paganini October 08, 2024
Ukrainian national pleads guilty in U.S. court for operating the Raccoon Infostealer

Ukrainian national pleads guilty in U.S. court for operating the Raccoon Infostealer, used to steal sensitive data globally. Ukrainian national Mark Sokolovsky has pleaded guilty in a US court to operating the Raccoon Infostealer. In October 2020, the US Justice Department charged Sokolovsky with computer fraud for allegedly infecting millions of computers with the Raccoon Infostealer. […]

Pierluigi Paganini October 08, 2024
Qualcomm fixed a zero-day exploited limited, targeted attacks

Qualcomm warns of 20 flaws in its products, including a potential zero-day vulnerability, in the DSP service that impacts multiple chipsets. Qualcomm addressed 20 vulnerabilities in its products, including a potential zero-day issue tracked as CVE-2024-43047 (CVSS score 7.8). The vulnerability stems from a use-after-free bug that could lead to memory corruption. The zero-day vulnerability […]

Pierluigi Paganini October 07, 2024
FBCS data breach impacted 238,000 Comcast customers

238,000 Comcast customers were impacted by the FBCS data breach following the February ransomware attack, Comcast reports. Telecommunications giant Comcast is notifying approximately 238,000 customers impacted by the Financial Business and Consumer Solutions (FBCS) data breach. FBCS, a third-party debt collection agency, collects personal information from its clients to facilitate debt collection activities on behalf […]

Pierluigi Paganini October 06, 2024
SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 14

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Rhadamanthys Stealer Adds Innovative AI Feature in Version 0.7.0 Threat Actors leverage Docker Swarm and Kubernetes to […]