Cyberattacks

Cyberattacks 3 May, 2021    By - Jerry
North Korean-backed Lazarus Group Attack Freighters With New Vyveva Malware

The North Korean-backed Lazarus Group has been using new malware with backdoor capabilities in an ongoing campaign against South African freighters and logistics companies. The malware, dubbed Vyveva, was first reported on by researchers at ESET last year. While Vyveva was only found on a handful of freighters by ESET, it is understood that the […]

Cyberattacks 3 May, 2021    By - Jerry
Millions of IoT Devices at Risk From NAME:WRECK Exploits

Exploits loom over 100 million IoT devices under threat from 9 newly discovered DNS vulnerabilities, found by Forescout Research Labs and JSOF and collectively dubbed NAME:WRECK. The NAME:WRECK exploits affect four well-known TCP/IP stacks, each present in popular IT software and IoT firmware. The exploits impact organizations in multiple sectors, from government to healthcare, manufacturing, and retail, and if […]

Cyberattacks 3 May, 2021    By - Jerry
SolarMarker RAT Pushed On 100,000 Google Sites

The SolarMarker RAT is making its way around many websites due to some clever manipulation of Google’s SEO ratings. The attack starts with the potential victim performing a search for business forms such as invoices, questionnaires, and receipts. The attack campaign lays traps for potential victims using Google search redirection and drive-by-download. When a person visits one […]

Cyberattacks 3 May, 2021    By - Jerry
New Saint Bot Malware Downloader Proliferates Via Phishing Emails

A new malware has surfaced in the wild, dubbed Saint Bot. The Saint Bot Malware is deployed via phishing emails and aims to deploy credential stealers and download other malware strains onto target devices. Saint Bot was first spotted in January 2021; however, a surge of reports of infections along with the strain showing new features points […]

Cyberattacks 3 May, 2021    By - Jerry
NSA Warns Of 5 Security Exploits Being Used By Russia

United States government security agencies, including the NSA, have released a joint advisory warning citizens of the most threatening security exploits being used by the Russian Foreign Intelligence Service (SVR). The SVR’s cyber department has previously been nicknamed Cozy Bear, APT29, and The Dukes by various cybersecurity researchers who have tracked them over the years. Unsurprisingly, Cozy Bear is […]

Cyberattacks 3 May, 2021    By - Jerry
BazarLoader Malware Targets Slack and Basecamp

The BazarLoader Malware is engaging in a campaign that targets users of work collaboration tools Slack and Basecamp. The attack utilizes email messages with links to malware payloads. Slack is a popular tool used for communication amongst teams, particularly those who work remotely. Basecamp focuses on project management but also allows for team communication. Similar to Slack, Basecamp is popular amongst […]

Cyberattacks 19 May, 2021    By - Jerry
Ryuk Ransomware Gets Updated Attack Vector Options

Recent attacks from the gang behind the Ryuk Ransomware have shown that the notorious virus has been updated to contain a new attack vector when it comes to gaining initial access to a victim’s network. According to BleepingComputer, “The trend observed in attacks this year reveals a predilection towards targeting hosts with remote desktop connections exposed on the […]

Cyberattacks 19 May, 2021    By - Jerry
Gafgyt Botnet Absorbs Code From Notorious Mirai Strain

The Gafgyt botnet, known for attacks using IoT devices, has absorbed code from the Mirai botnet. The latter also focuses on using IoT devices in its arsenal and released its code publicly several years ago. Researchers have discovered updated variants of Gafgyt using several functions ripped straight from Mirai, allowing Gafgyt to compromise Huawei, Realtek, and Dasan GPON devices. […]

Cyberattacks 19 May, 2021    By - Jerry
Apple Likely To Meet REvil Ransomware Demands As Gang Escalates Global Attacks

The gang behind the REvil Ransomware malware strain, Sodin, continue their global attacks into 2021 after demanding Apple pay a $50 Million ransom by May 1st. Despite initially being declined by Apple, the ransomware gang put the squeeze on the tech giant, leaking details of new products just hours before one of Apple’s yearly product unveilings. The original […]

Cyberattacks 19 May, 2021    By - Jerry
Hackers Breach Codecov supply-chain, Exposing Hundreds of Networks

Hackers have breached popular code analysis platform Codecov, modifying the Bash Uploader script and exposing sensitive information in customers’ continuous integration (CI) environment. The attack went unnoticed for some time; Codecov noticed the breach in April, yet the modifications were made in early January. Codecov provides tools that help developers measure how much of the source […]
