Cybersecurity

Sandman APT Brings LuaDream, Targets Telcos in Middle East | Cyware Hacker News

Researchers at SentinelOne have noticed a potential cyberespionage group, whose origins are unclear as of now, that employs modular backdoors and covert techniques to target telecommunication firms in the Middle East, Western Europe, and South Asia. This group, labeled Sandman APT, utilizes a new backdoor named LuaJIT, which is a just-in-time compiler for the Lua […]

Cybersecurity

Python Malware Targets Tatar-Language Users: TA866 Threat Actor Strikes Again

In the latest cybersecurity news, researchers have found a new Python malware targeting Tatar language-speaking users. The Tatar language is a Turkic language spoken primarily by the Tatars, an ethnic group in Russia and neighboring countries. This Python malware strain, sourced by Cyble, can capture screenshots on the victim’s systems and send them over to […]

Cybersecurity

Deadglyph: New Advanced Backdoor with Distinctive Malware Tactics

Sep 23, 2023THNCyber Espionage / Malware Cybersecurity researchers have discovered a previously undocumented advanced backdoor dubbed Deadglyph employed by a threat actor known as Stealth Falcon as part of a cyber espionage campaign. “Deadglyph’s architecture is unusual as it consists of cooperating components – one a native x64 binary, the other a .NET assembly,” ESET […]

Cybersecurity

Ohio Community College Data Theft Breach Affects Nearly 300K

(Fraud Management & Cybercrime, Government, Healthcare) Researchers Say Breach Illustrates Why Schools Are Major Targets for Cybercriminals. Marianne Kolbasuk McGee (HealthInfoSec), September 21, 2023. An Ohio community college is notifying 290,000 people of a data theft breach this spring that may have compromised their personal, financial […]

Cybersecurity

Chinese-speaking Users Targeted with ValleyRAT and Sainbox RAT | Cyware Hacker News

Researchers have come across a new email phishing campaign that distributes a new ValleyRAT malware alongside Sainbox RAT and Purple Fox malware onto the victim’s systems. Active since the beginning of 2023, the campaign has been targeting Chinese-speaking users. So far, the researchers have observed over 30 attack campaigns leveraging these malware families and 20 […]

Cybersecurity

Fresh Wave of Malicious npm Packages Threaten Kubernetes Configs and SSH Keys

Sep 20, 2023THNKubernetes / Supply Chain Attack Cybersecurity researchers have discovered a fresh batch of malicious packages in the npm package registry that are designed to exfiltrate Kubernetes configurations and SSH keys from compromised machines to a remote server. Sonatype said it has discovered 14 different npm packages so far: @am-fe/hooks, @am-fe/provider, @am-fe/request, @am-fe/utils, @am-fe/watermark, […]

Cybersecurity

Cuba Ransomware Gang Continues to Evolve With Dangerous Backdoor

Researchers have uncovered fresh malware samples attributed to ransomware group Cuba, representing new versions of BurntCigar malware, which offers next-level stealth to the group. Researchers at Kaspersky uncovered the malware in an ongoing investigation, after first detecting an incident on a client’s system in December. The attack chain ultimately led to the loading of a […]

Cybersecurity

Guarding Against the Unseen: Investigating a Stealthy Remcos Malware Attack on Colombian Firms – Check Point Research

Research by: Niv Asraf. Abstract: In the last two months, Check Point researchers encountered a new large-scale phishing campaign that recently targeted more than 40 prominent companies across multiple industries in Colombia. The attackers’ objective was to discreetly install the notorious “Remcos” malware on victims’ computers. Remcos, a sophisticated “Swiss Army Knife” RAT, grants attackers […]

Cybersecurity

Crypto Phishing Attacks Abuse Google Looker Studio | Cyware Hacker News

Check Point researchers have discovered hackers exploiting Google Looker Studio to create fraudulent cryptocurrency phishing websites. These phishing sites target digital asset holders, leading to compromised accounts and financial losses. Google Looker Studio (previously known as Data Studio) is an online tool for converting data from spreadsheets and various sources into customizable reports. Scam tactics […]