Malware Archives - Page 2 of 30

Raspberry Robin malware uses Tor network to deliver payloads to Telecom and Government targets

Malware / By Frank Crast / December 29, 2022 / malware, Rasberry Robin, Red Canary, Tor network

Researchers have discovered a new malware threat dubbed Raspberry Robin that uses the Tor network to deliver payloads to Telecom and Government targets.

MCCrash botnet launches DDoS attacks against Minecraft servers

Cybersecurity Attacks, Malware / By Frank Crast / December 21, 2022 / botnet, Cyberattack, DDoS, DEV-1028, IOT, MCCrash, Microsoft, Minecraft

Microsoft researchers have detected a cross-platform botnet designed to infect Windows, Linux, and IoT devices. The botnet dubbed “MCCrash” then launches distributed denial of service (DDoS) attacks against private Minecraft servers.

Agenda Ransomware gang uses Rust to target more companies worldwide

Cybersecurity Attacks, Malware, Ransomware / By Frank Crast / December 20, 2022 / Agenda, Go, Ransomware, ransomware-as-a-service, RUST

A ransomware-as-a-service group has released a new variant of Agenda ransomware written in Rust, designed to target more companies from different countries. The group has also posted company victims online, threatening to publish private files.

Zerobot botnet exploits 21 vulnerabilities to breach targets

Cybersecurity Attacks, Malware, Vulnerabilities & Exploits / By Frank Crast / December 11, 2022 / CVE-2022-01388, CVE-2022-22965, Fortinet, Spring4Shell, WebSocket, Zerobot

Security researchers have spotted a unique botnet dubbed Zerobot exploiting 21 IoT, network and other vulnerabilities, such as F5 BIG-IP, D-Link, Zyxel, Spring4Shell and other flaws.

Cuba ransomware attacks on the rise with new exploits

Cybersecurity Articles, Malware, Ransomware, Vulnerabilities & Exploits / By Frank Crast / December 4, 2022 / C2, CISA, Cuba, CVE-2020-1472, CVE-2022-24521, FBI, H0lyGh0st, KerberCache, Kerberoasting, LockBit, malware, Ransomware, RomCom, Spy Marketplace, Zeppelin

The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) have released a joint Cybersecurity Advisory (CSA) with new details regarding Cuba Ransomware attacks.

Cybercriminal group TeamTNT leaks DockerHub credentials

Authentication, Cybersecurity Attacks, Malware / By Frank Crast / September 12, 2022 / Container, Docker, DockerHub, TeamTNT

Researchers from Trend Micro have discovered cybercriminal group TeamTNT leaking credentials from two of their attacker-controlled accounts via exposed Docker REST APIs.

Mirai variant MooBot botnet targets multiple D-Link flaws

Cybersecurity Attacks, Malware, Network Security, Vulnerabilities & Exploits / By Frank Crast / September 11, 2022 / botnet, CVE-2015-2051, CVE-2018-6530, CVE-2022-26258, CVE-2022-28958, Cybersecurity Threat Center, D-Link, Mirai, MooBot

Security researchers from Palo Alto Networks Unit 42 have discovered a Mirai botnet variant dubbed “MooBot” that targets multiple D-Link flaws and exposed networking devices running Linux.

Report: Linux malware and cloud misconfigurations top cybersecurity threats

Cloud Security, Container Security, Cybersecurity Attacks, Malware / By Frank Crast / September 5, 2022 / BlackCat, Cheerscrypt, Cloud, Containers, Conti, ESXi, Linux, LockBit, LockBit 2.0, MaaS, malware, RaaS, Ransomware, Trend Micro

A new report published by Trend Micro revealed that Linux malware and cloud misconfigurations make up some of the top cybersecurity threats facing organizations over the first half of 2022.

Zeppelin Ransomware threatens wide range of businesses and critical infrastructure organizations

Cybersecurity Attacks, Malware, Ransomware / By Frank Crast / August 16, 2022 / #StopRansomware, CISA, FBI, Ransomware, Vega, Zeppelin

The Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) have issued a joint cybersecurity advisory on Zeppelin Ransomware.

PrestaShop websites vulnerable to major SQL Injection attacks

Cybersecurity Attacks, Malware, Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / July 26, 2022 / CVE-2022-36408, Cybersecurity Threat Center, MySQL, PrestaShop, SQL injection, SQLi

PrestaShop websites are reported vulnerable to a major SQL Injection vulnerability (tracked as CVE-2022-36408) and have been exploited in the wild since July 2022.