In recent months, we have encountered a number of cases where attackers inject malware into website software that allows for custom or miscellaneous code — for example, the miscellaneous scripts area of the Magento admin panel, or WordPress plugins such as Custom CSS & JS. Custom script editors are popular with bad actors because they […]
First encountered in December 2019, JsOutProx is a RAT and highly obfuscated JavaScript backdoor that allows its operators to run shell commands, download additional payloads, execute files, capture screenshots, establish persistence, and more.
Security researchers have encountered a new cryptojacking campaign that uses a new piece of malware called Migo that targets Redis servers on Linux hosts. The campaign came to light after Cado Security researchers noticed new commands exploiting Redis systems in the wild. Initial access According to Cado security, Migo is distributed as a Golang ELF […]
FortiGuard Labs researchers recently encountered a new Lumma Stealer campaign that leverages YouTube channels for propagation. The attackers are strategically compromising YouTube accounts and uploading videos that pretend to offer cracked software for legitimate video editing tools such as Vegas Pro. Modus operandi According to researchers, these videos contain embedded malicious URLs, enticing users to […]
Barracuda Networks recently encountered a challenge as it uncovered two zero-day vulnerabilities, specifically CVE-2023-7102 and CVE-2023-7101. These Barracuda vulnerabilities were intricately linked to the Spreadsheet::ParseExcel library, revealing an Arbitrary Code Execution (ACE) flaw in the third-party library. Exploited by the China Nexus actor UNC4841, these security flaws posed a serious threat by targeting Barracuda Email […]
Researchers have encountered a new phishing campaign that is being used to distribute the notorious Remcos RAT. The malware is disguised as a payslip to trick users. Modus operandi According to ASEC researchers, the phishing emails are sent with the subject name ‘This is a confirmation document for your payment transfer’ to deceive the recipients. […]
Research by: Niv Asraf Abstract In the last two months, Check Point researchers encountered a new large-scale phishing campaign that recently targeted more than 40 prominent companies across multiple industries, in Colombia. The attackers’ objective was to discreetly install the notorious “Remcos” malware on victims’ computers. Remcos, a sophisticated “Swiss Army Knife” RAT, grants attackers […]