Malware & Threats

Malware & Threats

Issued by: CSO

Government-sponsored hackers, who carry out cyberespionage campaigns, invest more resources than ever to find new ways of attacking the cloud. One of their preferred targets is Microsoft 365, previously called Office 365, a platform used by an increasing number of organizations of all sizes. From an intelligence collector’s perspective, it makes sense to target it….

Malware & Threats

Issued by: Security Week

The new funding round was led by private equity firm Crosspoint Capital Partners. Existing investor ForgePoint Capital also participated. ReversingLabs plans to use the new funds to scale its sales and marketing efforts. ReversingLabs offer products to help organizations mitigate software supply chain cyberattacks by checking binary integrity, as well as components and build processes,…

Malware & Threats

Issued by: Blog Malwarebytes

LemonDuck has evolved from a Monero cryptominer into LemonCat, a Trojan that specializes in backdoor installation, credential and data theft, and malware delivery, according to the Microsoft 365 Defender Threat Intelligence Team, which explained their findings in a two-part story [1][2] on the Microsoft Security blog. LemonDuck Trojan.LemonDuck has always been an advanced cryptominer that…

Malware & Threats

Issued by: Security Week

An example of hacked malware was discovered when researchers detected a user downloading a cracked copy of the credential stuffing tool Sentry MBA from a Turkish-language cracking forum. Sentry MBA includes features to bypass website security controls, such as CAPTCHA challenges and web application firewalls. “Threat actors,” say researchers in the HP Wolf Security Threat…

Malware & Threats

Issued by: Security Week

The Intezer team identified a series of unprotected instances operated by organizations in technology, finance, and logistics sectors, which allowed anyone to deploy workflows. In some cases, the nodes have been targeted by malicious actors to deploy crypto-miners. An open-source, container-native workflow engine that runs on Kubernetes, Argo Workflows allows users to run parallel jobs…

Malware & Threats

Issued by: Security Week

The FBI and the U.S. Cybersecurity and Infrastructure Security Agency (CISA) have issued a new joint advisory on a gas pipeline intrusion campaign allegedly conducted by Chinese state-sponsored hackers between 2011 and 2013. In addition, CISA has updated five advisories released between 2012 and 2017 to attribute malware and malicious activity to various nation states….

Malware & Threats

Issued by: Security Week

More details on the cyberattack on Iran’s railroad system emerged over the weekend. On Friday, July 9, 2021 Iran International reported that a system-wide disruption of Iran’s railroads was probably due to a cyberattack, citing the Revolutionary Guard-backed FARS news agency. Now it appears that the attackers had penetrated the system at least a month…

Malware & Threats

Issued by: Security Week

The new website, StopRansomware.gov, is designed to serve as a central hub that consolidates ransomware resources from all government agencies, including CISA, the FBI, the Secret Service, NIST, the Department of Treasury, and the HHS. Its goal is to provide useful resources for individuals, businesses and other organizations. StopRansomware.govStopRansomware.gov provides information on what to do…

Malware & Threats

Issued by: Security Week

Stressing that the situation was looking “positive compared to a few days ago”, Kevin Bell, press spokesman for Coop, told AFP that “a majority” of their stores were still closed. On Friday, a hacking attack indirectly hit the supermarket chain, paralysing all its cash registers and forcing the company to temporarily close nearly all its…