Monthly Archives: November 2024
-
Read moreHackers have leveraged the popular Godot game engine to spread GodLoader malware, infecting over 17,000 systems within three months. By exploiting Godot’s scripting language and packaging capabilities, cybercriminals bypass detection and deliver payloads like the XMRig crypto miner. This attack highlights the need for vigilance within open-source communities and enhanced protection against malware disguised as legitimate tools. -
Read moreResearchers have discovered "Bootkitty," the first-ever UEFI bootkit targeting Linux systems. Although currently a proof-of-concept, this development signals a critical shift in the UEFI threat landscape, historically dominated by Windows-focused attacks. Bootkitty demonstrates advanced capabilities, including bypassing Secure Boot protocols and disabling kernel integrity checks, emphasizing the need for robust cybersecurity measures to protect Linux environments. -
Read moreA Russia-aligned cybercrime group, RomCom, has leveraged two zero-day vulnerabilities in Firefox and Windows to deploy its backdoor malware, RomCom RAT, in a series of sophisticated attacks. These vulnerabilities allow remote code execution with no user interaction, escalating the threat posed by this group in both espionage and cybercrime operations. -
Read moreWe are thrilled to announce that NPAV (Net Protector Antivirus) has been awarded the prestigious AV-Test Advanced Threat Protection (ATP) Certificate, a testament to our cutting-edge capabilities in defending against today’s most sophisticated cyber threats. -
Read moreThe recent ransomware attack on Blue Yonder, a leading supply chain management firm, has caused significant disruptions to grocery store operations in the UK. The incident highlights the vulnerability of supply chain systems and the cascading impact on essential services like retail and logistics. -
Read moreRussian-linked cyber espionage group TAG-110, using the custom malware tools HATVIBE and CHERRYSPY, has targeted government agencies, human rights organizations, and research institutions across Europe and Asia. This campaign, tied to geopolitical objectives, highlights the growing threats posed by Russian hybrid warfare tactics in the cyber domain. -
Read moreChinese APT groups, including the notorious Gelsemium, are targeting Linux systems with new backdoors like WolfsBane and FireWood. These advanced malware families exploit Linux vulnerabilities for data exfiltration, system control, and stealthy espionage, marking a significant shift in attack strategies as Windows security becomes more robust. -
Read moreHackers are exploiting a technique called Ghost Tap, leveraging NFCGate to steal funds via mobile payment systems like Google Pay and Apple Pay. By relaying stolen NFC data, criminals conduct fraudulent transactions worldwide without needing physical access to victim devices. This alarming development underscores the need for heightened cybersecurity measures for mobile payment platforms. -
Read moreThe Helldown ransomware, derived from LockBit 3.0, has expanded its attack scope to include VMware and Linux systems. Targeting critical industries such as IT, telecommunications, and healthcare, the ransomware exploits vulnerabilities in Zyxel firewalls and virtualized infrastructures. With aggressive tactics like double extortion and data encryption, Helldown poses a significant threat while showing signs of ongoing evolution. -
Read moreA new fraud campaign led by the Chinese threat actor SilkSpecter is leveraging 4,700 fake e-commerce websites to steal payment card details and personal information. These sites mimic popular brands and utilize legitimate payment processors like Stripe to deceive victims.
Recent Posts
