North Korean-backed Lazarus Group has been using a new malware with backdoor capabilities in an ongoing campaign against South African freighters and logistics companies. The malware, dubbed Vyveva, was first reported on by researchers at ESET last year. While Vyveva was only found on a handful of freighters by ESET, it is understood that the […]
Exploits are looming over 100 million IoT devices under threat from 9 newly discovered DNS vulnerabilities, discovered by Forescout Research Labs and JSOF and collectively dubbed NAME:WRECK. The NAME:WRECK exploits affect four well-known TCP/IP stacks, each present in popular IT software and IoT firmware. The exploits impact organizations in multiple sectors, from government to healthcare, manufacturing, and retail, and if […]
The SolarMarker RAT is making its way around many websites due to some clever manipulation of Google’s SEO ratings. The attack starts with the potential victim performing a search for business forms such as invoices, questionnaires, and receipts. The attack campaign lays traps for potential victims using Google search redirection and drive-by-download. When a person visits one […]
A new malware has surfaced in the wild, dubbed Saint Bot. The Saint Bot Malware is deployed via phishing emails and aims to deploy credential stealers and download other malware strains onto target devices. Saint Bot was first spotted in January 2021; however, a surge of reports of infections along with the strain showing new features points […]
United States government security agencies, including the NSA, have released a joint advisory warning citizens of the most threatening security exploits being used by the Russian Foreign Intelligence Service (SVR). The SVR’s cyber department has previously been nicknamed Cozy Bear, APT29, and The Dukes by various cybersecurity researchers who have tracked them over the years. Unsurprisingly, Cozy Bear is […]
The BazarLoader Malware is engaging in a campaign that targets users of work collaboration tools Slack and Basecamp. The attack utilizes email messages with links to malware payloads. Slack is a popular tool used for communication amongst teams, particularly those who work remotely. Basecamp focuses on project management but also allows for team communication. Similar to Slack, Basecamp is popular amongst […]
Recent attacks from the gang behind the Ryuk Ransomware have shown that the notorious virus has been updated to contain a new attack vector when it comes to gaining initial access to a victim’s network. According to BleepingComputer, “The trend observed in attacks this year reveals a predilection towards targeting hosts with remote desktop connections exposed on the […]
The Gafgyt botnet, known for attacks using IoT devices, has absorbed code from the Mirai botnet. The latter also focuses on using IoT devices in its arsenal and released its code publicly several years ago. Researchers have discovered updated variants of Gafgyt using several functions ripped straight from Mirai, allowing Gafgyt to compromise Huawei, Realtek, and Dasan GPON devices. […]
The gang behind the REvil Ransomware malware strain, Sodin, continue their global attacks into 2021 after demanding Apple pay a $50 Million ransom by May 1st. Despite initially being declined by Apple, the ransomware gang put the squeeze on the tech giant, leaking details of new products just hours before one of Apple’s yearly product unveilings. The original […]
Hackers have breached popular code analysis platform Codecov, modifying the Bash Uploader script and exposing sensitive information in customers’ continuous integration (CI) environment. The attack went unnoticed for some time; Codecov noticed the breach in April, yet the modifications were made in early January. Codecov provides tools that help developers measure how much of the source […]