Sep 30, 2023THNCyber Espionage / Malware Sophisticated cyber actors backed by Iran known as OilRig have been linked to a spear-phishing campaign that infects victims with a new strain of malware called Menorah. "The malware was designed for cyberespionage, capable of identifying the machine, reading and uploading files from the machine, and downloading another file or … [Read more...] about Iranian APT Group OilRig Using New Menorah Malware for Covert Operations
Malware
New Advanced Backdoor with Distinctive Malware Tactics
Sep 23, 2023THNCyber Espionage / Malware Cybersecurity researchers have discovered a previously undocumented advanced backdoor dubbed Deadglyph employed by a threat actor known as Stealth Falcon as part of a cyber espionage campaign. "Deadglyph's architecture is unusual as it consists of cooperating components – one a native x64 binary, the other a .NET assembly," ESET said … [Read more...] about New Advanced Backdoor with Distinctive Malware Tactics
Protecting Your Microsoft IIS Servers Against Malware Attacks
Microsoft Internet Information Services (IIS) is a web server software package designed for Windows Server. Organizations commonly use Microsoft IIS servers to host websites, files, and other content on the web. Threat actors increasingly target these Internet-facing resources as low-hanging fruit for finding and exploiting vulnerabilities that facilitate access to IT … [Read more...] about Protecting Your Microsoft IIS Servers Against Malware Attacks
New Python Variant of Chaes Malware Targets Banking and Logistics Industries
Sep 05, 2023THNCyber Threat / Malware Banking and logistics industries are under the onslaught of a reworked variant of a malware called Chaes. "It has undergone major overhauls: from being rewritten entirely in Python, which resulted in lower detection rates by traditional defense systems, to a comprehensive redesign and an enhanced communication protocol," Morphisec said in … [Read more...] about New Python Variant of Chaes Malware Targets Banking and Logistics Industries
Russian State-Backed ‘Infamous Chisel’ Android Malware Targets Ukrainian Military
Cybersecurity and intelligence agencies from Australia, Canada, New Zealand, the U.K., and the U.S. on Thursday disclosed details of a mobile malware strain targeting Android devices used by the Ukrainian military. The malicious software, dubbed Infamous Chisel and attributed to a Russian state-sponsored actor called Sandworm, has capabilities to "enable unauthorized access to … [Read more...] about Russian State-Backed ‘Infamous Chisel’ Android Malware Targets Ukrainian Military
Syrian Threat Actor EVLF Unmasked as Creator of CypherRAT and CraxsRAT Android Malware
Aug 23, 2023THNMobile Security / Cyber Crime A Syrian threat actor named EVLF has been outed as the creator of malware families CypherRAT and CraxsRAT. "These RATs are designed to allow an attacker to remotely perform real-time actions and control the victim device's camera, location, and microphone," Cybersecurity firm Cyfirma said in a report published last week. CypherRAT … [Read more...] about Syrian Threat Actor EVLF Unmasked as Creator of CypherRAT and CraxsRAT Android Malware
Advanced Linux Malware Targeting South Korean Systems
Aug 05, 2023THNLinux / Malware Threat actors are using an open-source rootkit called Reptile to target Linux systems in South Korea. "Unlike other rootkit malware that typically only provide concealment capabilities, Reptile goes a step further by offering a reverse shell, allowing threat actors to easily take control of systems," the AhnLab Security Emergency Response Center … [Read more...] about Advanced Linux Malware Targeting South Korean Systems
New Android Malware CherryBlos Utilizing OCR to Steal Sensitive Data
Jul 29, 2023THNAndroid / Malware A new Android malware strain called CherryBlos has been observed making use of optical character recognition (OCR) techniques to gather sensitive data stored in pictures. CherryBlos, per Trend Micro, is distributed via bogus posts on social media platforms and comes with capabilities to steal cryptocurrency wallet-related credentials and act … [Read more...] about New Android Malware CherryBlos Utilizing OCR to Steal Sensitive Data
New ‘Letscall’ Malware Employs Voice Traffic Routing
Jul 07, 2023Swati KhandelwalMobile Security / Malware Researchers have issued a warning about an emerging and advanced form of voice phishing (vishing) known as "Letscall." This technique is currently targeting individuals in South Korea. The criminals behind "Letscall" employ a multi-step attack to deceive victims into downloading malicious apps from a counterfeit Google … [Read more...] about New ‘Letscall’ Malware Employs Voice Traffic Routing
Malware in the free game Super Mario 3: Mario Forever
We often talk about the perils of downloading pirated versions of games, since they may harbor malware. But they aren’t the only threat. Nasty surprises can pop up in free-to-play games, too, which is what happened just recently with Super Mario 3: Mario Forever. But first things first… Malware in free-to-play Super Mario 3: Mario Forever The Super Mario series (aka Super Mario … [Read more...] about Malware in the free game Super Mario 3: Mario Forever