Malware Archives - Page 6 of 30

Attackers exploit ZOHO ManageEngine ADSelfService Plus software

Cybersecurity Attacks, Malware, Vulnerabilities & Exploits / By Frank Crast / November 11, 2021 November 11, 2021

Attackers have been exploiting vulnerable ZOHO ManageEngine ADSelfService Plus software as part of a targeted campaign.

Embedded malware discovered in NPM package ua-parser-js

Application Security, Malware, Security Updates & Patches, Third-Party Security, Vulnerabilities & Exploits / By Frank Crast / October 27, 2021 October 27, 2021 / JavaScript, malware, NPM, ua-parser-js, User-Agent

Embedded malware has been discovered in an NPM package ua-parser-js, a popular JavaScript library designed to detect browser, engine, OS, CPU, and device type/model from User-Agent data.

Trickbot tops most popular malware in September 2021

Malware, Vulnerabilities & Exploits / By Frank Crast / October 11, 2021 October 11, 2021 / Agent Tesla, Floxif, Formbook, Glupteba, malware, njRAT, Ramnit, Remcos, Tofsee, Trickbot, XMRig

Check Point Research has revealed that Trickbot is once again the most popular malware, according to a Global Threat Index report for September 2021. A remote access trojan, njRAT, was also added to the top 10 report for first time ever.

FontOnLake malware targets Linux systems

Cybersecurity Attacks, Malware / By Frank Crast / October 11, 2021 October 11, 2021 / Boost, C/C++, C2, ESET, FrontOnLake, Linux, malware, Poco, Protobuf, Trojan

A previously unknown malware family dubbed FontOnLake is targeting Linux systems. The malware is made up of “custom and well-designed modules.”

APT group ChamelGang targets Russian Energy and Aviation industries, 9 other countries

Cybersecurity Attacks, Malware, Vulnerabilities & Exploits / By Frank Crast / October 2, 2021 October 2, 2021 / APT, aviation, BeaconLoader, ChamelGang, Cobalt Strike, CVE-2017-12149, DoorMe, energy, Exchange, FRP, ProxyShell, Tiny shell

A new advanced persistent threat (APT) group dubbed ChamelGang has been targeting Russian Energy and Aviation industries, as well as entities in 9 other countries.

Microsoft: Nobelium cybergang deploys FoggyWeb backdoor to target AD FS servers

Cybersecurity Attacks, Malware / By Frank Crast / September 28, 2021 September 28, 2021 / Active Directory, AD FS, backdoor, Cyberattack, FoggyWeb, malware, Microsoft, Nobelium

Microsoft has warned that Nobelium threat actors are using a new backdoor malware dubbed FoggWeb to target Active Directory Federation Services (AD FS) servers.

Iowa-based farm service provider NEW Cooperative hit by BlackMatter ransomware attack

Cybersecurity Attacks, Malware / By Frank Crast / September 21, 2021 September 21, 2021 / BlackMatter, NEW Cooperative, Ransomware

An Iowa-based farm service provider NEW Cooperative was hit by a major BlackMatter ransomware attack. Security researchers leaked information that the cybercriminals behind the attack are demanding $5.9 million in ransom.

Sidewalk backdoor linked to Grayfly espionage group

Cybercrime, Cybersecurity Attacks, Malware, Vulnerabilities & Exploits / By Frank Crast / September 13, 2021 September 13, 2021 / backdoor, C2, ESET, espionage, Exchange, Grayfly, malware, shellcode, Sidewalk

Researchers have recently discovered the Sidewalk modular backdoor has been linked to a Chinese Grayfly espionage group.

FBI warns of increasing ransomware attacks against the Food and Agriculture sector

Malware, Phishing, Security Monitoring / By Frank Crast / September 4, 2021 September 4, 2021 / FBI, JBS, meat producer, OnePercent, Ransomware, REvil, Sodinokibi

The Federal Bureau of Investigation (FBI) has issued a cybersecurity alert warning of increasing ransomware attacks against the Food and Agriculture sector.

FBI issues alert on OnePercent Group Ransomware attacks

Cybersecurity Attacks, Malware / By Frank Crast / August 30, 2021 August 30, 2021 / FBI, IcedID, OnePercent, Ransomware

The Federal Bureau of Investigation (FBI) has issued a cybersecurity alert on OnePercent Group Ransomware. The alert includes technical details on cyberattack, tools used and indicators of compromise.