Malware & Threats Archives - Page 15 of 107

Romanian cybercrime gang Diicot builds DDoS botnet with Mirai variant

Issued by: CSO Online

A cybercriminal group calling itself Diicot is performing mass SSH brute-force scanning and deploying a variant of the Mirai IoT botnet on compromised devices, according to researchers. The group also deploys a cryptocurrency mining payload on servers with CPUs that have more than four cores. “Although Diicot have traditionally been associated with cryptojacking campaigns, Cado…

Malware & Threats

Unveiling the Balada injector: a malware epidemic in WordPress

Issued by: Security Affairs

A deadly cyber campaign has been working silently to undermine website security by exploiting popular WordPress plugins — infiltrating over a million websites and leaving administrators scrambling for solutions. In April 2023, Bleeping Computer and other tech outlets like TechRadar began circulating reports of cybercriminals successfully hacking WordPress websites. They were able to gain access…

Malware & Threats

Researchers published PoC exploit code for actively exploited Windows elevation of privilege issue

Issued by: Security Affairs

The Microsoft Windows vulnerability CVE-2023-29336 (CVSS score 7.8) is an elevation of privilege issue that resides in the Win32k component. Win32k.sys is a system driver file in the Windows operating system. The driver is responsible for providing the interface between user-mode applications and the Windows graphical subsystem. The vulnerability is actively exploited in attacks. The…

Malware & Threats

New PowerDrop Malware Targeting U.S. Aerospace Industry

Issued by: The Hacker News

An unknown threat actor has been observed targeting the U.S. aerospace industry with a new PowerShell-based malware called PowerDrop. “PowerDrop uses advanced techniques to evade detection such as deception, encoding, and encryption,” according to Adlumin, which found the malware implanted in an unnamed domestic aerospace defense contractor in May 2023. “The name is derived from…

Malware & Threats

ChatGPT creates mutating malware that evades detection by EDR

Issued by: CSO Online

A global sensation since its initial release at the end of last year, ChatGPT’s popularity among consumers and IT professionals alike has stirred up cybersecurity nightmares about how it can be used to exploit system vulnerabilities. A key problem, cybersecurity experts have demonstrated, is the ability of ChatGPT and other large language models (LLMs) to…

Malware & Threats

Latitude Financial Attack Costs Company Up to AU$105 Million

Issued by: DataBreach Today

Australian consumer lender Latitude Financial Services anticipates its spring cybersecurity incident will cost it up to AU$105 million, which includes a five-week period during which debt collection systems were severely affected by the attack. Hackers demanded extortion from the non-bank creditor after stealing data pertaining to 14 million customers, including nearly 8 million Australian and…

Malware & Threats

CommonMagic APT Campaign Broadens Target Scope to Central and Western Ukraine

Issued by: Dark Reading

Kaspersky researchers have provided further details on the CommonMagic campaign, which was first observed in March targeting companies in the Russo-Ukrainian conflict area. The new research reveals more sophisticated malicious activities from the same threat actor. The investigation identified that the newly-discovered framework has expanded its victimology to include organizations in Central and Western Ukraine….

Malware & Threats

Alleged Babuk Ransomware Hacker ‘Wazawaka’ Indicted in US

Issued by: DataBreach Today

A Russian man the U.S. federal government says has been a key actor in Russian ransomware hacking faces indictment in two American jurisdictions, economic sanctions and a $10 million reward for information leading to his arrest. The man, Mikhail Matveev, 31, aka Wazawaka, was a central figure of the Babuk ransomware-as-a-service gang. Babuk became inactive…

Malware & Threats

PEGA Committee Calls for Limits on Commercial Spyware

Issued by: DataBreach Today

A European Parliament committee investigating the abuse of commercial spyware tools such as Pegasus recommended a slew of new regulatory safeguards but dropped a preliminary call for a moratorium. In place of a continental pause on European Union member governments’ deployment of spyware that can surreptitiously infect smartphones to record the location, telephone calls and…

Malware & Threats

Hackers Leak Private Keys; Many MSI Products at Risk

Issued by: DataBreach Today

The security of hundreds of Micro-Star International products is at risk due to hackers leaking private code signing keys stolen during a data breach last month. The Money Message ransomware group began leaking stolen data last Thursday after “no agreement” was reached with the Taiwanese PC vendor, the group said on its data leak site….