Malware Alerts
-
Read moreIn May 2024, North Korean hacking group ScarCruft (APT37) exploited an Internet Explorer zero-day flaw (CVE-2024-39178) to distribute RokRAT malware through malicious toast pop-up ads. This zero-click malware campaign, dubbed "Code on Toast," compromised an advertising server, targeting systems to exfiltrate sensitive data and perform espionage activities. Despite Internet Explorer’s retirement, its components still pose a significant risk as threat actors continue exploiting these vulnerabilities. -
Read moreCybersecurity researchers have uncovered a new malware campaign leveraging the PureCrypter loader to deliver DarkVision RAT, a commodity remote access trojan with a broad range of malicious capabilities. First identified by Zscaler ThreatLabz in July 2024, the campaign employs a multi-stage attack process, exploiting persistence techniques and targeting Windows systems. DarkVision RAT’s versatility, combined with its low cost, has made it a popular tool for cybercriminals. -
Read moreA new phishing campaign targeting the insurance and finance sectors uses GitHub, Telegram bots, and ASCII QR codes to deliver malware and evade security measures. The attack leverages GitHub links and trusted repositories to distribute Remcos RAT, with the payload delivered via phishing emails. Additional techniques such as blob URLs and QR code-based phishing add complexity to detection, while Telegram bots facilitate scams on platforms like Booking.com and Airbnb. -
Read moreGoldenJackal, a little-known but highly capable threat actor, has been carrying out targeted cyberattacks against embassies and government organizations. With a focus on infiltrating air-gapped systems, GoldenJackal uses advanced malware toolsets like JackalWorm and GoldenDealer to steal confidential information from high-profile machines that aren't connected to the internet. -
Read moreA newly discovered malware, Perfctl, is actively exploiting vulnerable Linux servers to install cryptocurrency miners and proxyjacking software. This stealthy malware hides itself by mimicking legitimate processes, evading detection, and persisting even after system reboots. -
Read moreA dangerous new variant of the RomCom malware, dubbed 'SnipBot', has been spotted in sophisticated data theft attacks. Researchers from Palo Alto Networks' Unit 42 discovered this enhanced version, marking it as RomCom 5.0, and highlighting its ability to steal sensitive data from compromised systems while pivoting on networks to extend the attack. -
Posted: September 25, 2024Views: 61Read moreA new version of the Necro Android malware has been discovered hidden in altered versions of popular Android apps, including Wuta Camera and Max Browser, on the Google Play Store. These malicious apps have been downloaded over 11 million times, affecting users worldwide. -
.png)
Posted: October 21, 2023Views: 17Read moreExelaStealer, a brand-new information thief, has joined an already crowded field of commercial malware meant to steal sensitive information from -
.png)
Posted: September 27, 2023Views: 7Read moreCybersecurity experts have identified a new cybercrime group called ShadowSyndicate, previously known as Infra Storm. This group has been active -
.png)
Posted: July 07, 2023Categories: Ransomware, Security, Malware Alerts, Cyber Attack, Data Backup, Data Breach, vulnerability, HackerViews: 11Read moreWith over 1.5 million installations combined, two malicious file management apps were identified by security experts on Google Play. These
Recent Posts
November 20, 2024
November 15, 2024
