Threat actors are selling a new crypter and loader called ASMCrypt, which has been described as an “evolved version” of another loader malware known as DoubleFinger. “The idea behind this type of malware is to load the final payload without the loading process or the payload itself being detected by AV/EDR, etc.,” Kaspersky said in […]
Threat actors are selling a new crypter and loader called ASMCrypt, which has been described as an “evolved version” of another loader malware known as DoubleFinger. “The idea behind this type of malware is to load the final payload without the loading process or the payload itself being detected by AV/EDR, etc.,” Kaspersky said in […]
A high-severity remote code execution (RCE) vulnerability in Apache NiFi, for which an exploitation tool already exists, can lead to unauthorized access and data breaches, cybersecurity firm Cyfirma warns. An open-source data integration and automation tool, Apache NiFi is used for the processing and distribution of data. Tracked as CVE-2023-34468 (CVSS score of 8.8) and […]
Security processes are increasingly automated which has led some businesses to deprioritize developing their security teams’ defense skills. While antivirus and non-human generated threat detections efficiently identify vulnerabilities, they cannot detect every single threat. With the rising number of cyber-attacks, organizations must make sure they are ready to defend themselves. That means equipping cybersecurity teams […]
Introduction HijackLoader is a new malware loader, which has grown in popularity over the past few months. Even though HijackLoader does not contain advanced features, it is capable of using a variety of modules for code injection and execution since it uses a modular architecture, a feature that most loaders do not have. Based on […]
A relatively unknown threat group W3LL, which started six years ago with a custom tool for bulk email spam, is now running a massive operation by selling a phishing kit that targets Microsoft 365 business email accounts. According to researchers from Group-IB, the group has gone to great lengths to stay under the radar while […]
Freecycle, a nonprofit organization which sees members exchange reusable items to divert them from landfill, has recently suffered a data breach impacting 7 million of its members. According to Freecycle, data stolen in the cyber attack included “usernames, User IDs, email addresses and passwords” but “no other personal information was compromised and the breach has […]
Freecycle, a nonprofit organization which sees members exchange reusable items to divert them from landfill, has recently suffered a data breach impacting 7 million of its members. According to Freecycle, data stolen in the cyber attack included “usernames, User IDs, email addresses and passwords” but “no other personal information was compromised and the breach has […]
PurFoods, an American meal delivery service which provides both to individual customers as well as working with more than 500 health plans, managed care organizations, governments and agencies to provide medically-tailored meals to those covered by Medicare and Medicaid, has recently suffered a data breach that exposed the data of more than 1.2 million customers. […]