It cost a researcher only $25 worth of parts to create a tool that allows custom code to run on the satellite dishes.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two more flaws to its catalog of Known Exploited Vulnerabilities, based on evidence of active exploitation.
DGA is one of the classic techniques for botnets to hide their C2s, attacker
only needs to selectively register a very small number of C2 domains, while for
the defenders, it is difficult to determine in advance which domain names will
be generated and registered.
CISA has urged organizations to patch a recent Zimbra credential theft vulnerability after reports of exploitation in the wild.
In June 2022, FortiGuard Labs encountered IoT malware samples with SSH-related strings, something not often seen in other IoT threat campaigns. What piqued our interest more was the size of the code referencing these strings in relation to the code used for DDoS attacks, which usually comprises most of the code in other variants.
The head of Greek intelligence told a parliamentary committee his agency had spied on a journalist, two sources present said, in a disclosure that coincides with growing pressure on the government to shed light on the use of surveillance malware.
If you’re still running macOS Mojave or earlier, now is the time to take action to ensure your Mac maintains protection against malware.
The Malwarebytes Threat Intelligence team has discovered a new Remote Access Trojan that we dubbed Woody Rat used to target Russian entities.
RedLine is a stealer distributed as cracked games, applications, and services. The malware steals information from web browsers, cryptocurrency wallets, and applications such as FileZilla, Discord, Steam, Telegram, and VPN clients. The binary also gathers data about the infected machine, such as the running processes, antivirus products, installed programs, the Windows product name, the processor architecture, etc. The stealer implements the following actions that extend its functionality: Download, RunPE, DownloadAndEx, OpenLink, and Cmd. The extracted information is converted to the XML format and exfiltrated to the C2 server via SOAP messages.
A ThreatLabz technical analysis of the latest variant of proxy-based AiTM attacks that are phishing enterprise users for their Microsoft credentials.
Raccoon is a malware family that has been sold as malware-as-a-service on underground forums since early 2019. In early July 2022, a new variant of this malware was released. The new variant, popularly known as Raccoon Stealer v2, is written in C unlike previous versions which were mainly written in C++.
This investigation report contains an applications analysis of 7 different Apple developer accounts (identified so far — maybe there are…
At a moment when education technology firms are stockpiling sensitive information on millions of school children, safeguards for student data have broken down.
Turns out they're not all that rare. We just don't know how to find them.
911[.]re, a proxy service that since 2015 has sold access to hundreds of thousands of Microsoft Windows computers daily, announced this week that it is shutting down in the wake of a data breach that destroyed key components of its…
Microsoft has discovered that an access broker it tracks as DEV-0206 uses the Raspberry Robin Windows worm to deploy a malware downloader on networks where it also found evidence of malicious activity matching Evil Corp tactics.
The risk of distributed denial-of-service attacks (DDoS) has never been greater. Over the past several years, organizations have encountered a deluge of DDoS extortion, novel threats, state-sponsored hacktivism, and unprecedented innovation in the threat landscape.
We have observed more than 3,000 emails containing phishing URLs that have utilized IPFS for the past 90 days and it is evident that IPFS is increasingly becoming a popular platform for phishing websites.
