Malware Archives - Page 7 of 30

FontOnLake malware targets Linux systems

Cybersecurity Attacks, Malware / By Frank Crast / October 11, 2021 / Boost, C/C++, C2, ESET, FrontOnLake, Linux, malware, Poco, Protobuf, Trojan

A previously unknown malware family dubbed FontOnLake is targeting Linux systems. The malware is made up of “custom and well-designed modules.”

APT group ChamelGang targets Russian Energy and Aviation industries, 9 other countries

Cybersecurity Attacks, Malware, Vulnerabilities & Exploits / By Frank Crast / October 2, 2021 / APT, aviation, BeaconLoader, ChamelGang, Cobalt Strike, CVE-2017-12149, DoorMe, energy, Exchange, FRP, ProxyShell, Tiny shell

A new advanced persistent threat (APT) group dubbed ChamelGang has been targeting Russian Energy and Aviation industries, as well as entities in 9 other countries.

Microsoft: Nobelium cybergang deploys FoggyWeb backdoor to target AD FS servers

Cybersecurity Attacks, Malware / By Frank Crast / September 28, 2021 / Active Directory, AD FS, backdoor, Cyberattack, FoggyWeb, malware, Microsoft, Nobelium

Microsoft has warned that Nobelium threat actors are using a new backdoor malware dubbed FoggWeb to target Active Directory Federation Services (AD FS) servers.

Iowa-based farm service provider NEW Cooperative hit by BlackMatter ransomware attack

Cybersecurity Attacks, Malware / By Frank Crast / September 21, 2021 / BlackMatter, NEW Cooperative, Ransomware

An Iowa-based farm service provider NEW Cooperative was hit by a major BlackMatter ransomware attack. Security researchers leaked information that the cybercriminals behind the attack are demanding $5.9 million in ransom.

Sidewalk backdoor linked to Grayfly espionage group

Cybercrime, Cybersecurity Attacks, Malware, Vulnerabilities & Exploits / By Frank Crast / September 13, 2021 / backdoor, C2, ESET, espionage, Exchange, Grayfly, malware, shellcode, Sidewalk

Researchers have recently discovered the Sidewalk modular backdoor has been linked to a Chinese Grayfly espionage group.

FBI warns of increasing ransomware attacks against the Food and Agriculture sector

Malware, Phishing, Security Monitoring / By Frank Crast / September 4, 2021 / FBI, JBS, meat producer, OnePercent, Ransomware, REvil, Sodinokibi

The Federal Bureau of Investigation (FBI) has issued a cybersecurity alert warning of increasing ransomware attacks against the Food and Agriculture sector.

FBI issues alert on OnePercent Group Ransomware attacks

Cybersecurity Attacks, Malware / By Frank Crast / August 30, 2021 / FBI, IcedID, OnePercent, Ransomware

The Federal Bureau of Investigation (FBI) has issued a cybersecurity alert on OnePercent Group Ransomware. The alert includes technical details on cyberattack, tools used and indicators of compromise.

Malicious PyPI software packages found stealing payment card numbers and injecting code

Application Security, Malware, Vulnerabilities & Exploits / By Frank Crast / August 5, 2021 / JFrog, noblesse, PyPl, Python, SDLC, ShadowHammer, Supply Chain

Security researchers have discovered malicious software packages from Python’s official third party software package repository PyPl stealing payment card numbers and injecting code.

Babuk ransomware: Soon to be targeting VMware and *nix systems?

Cybersecurity Attacks, Malware / By Frank Crast / August 1, 2021 / ESXi, Golang, Linux, malware, Ransomware

Cybercriminals behind Babuk ransomware announced in an underground forum that they are developing malware targeting Linux/UNIX and VMware ESXi systems.

Kaseya VSA falls victim to massive sophisticated ransomware attack (update)

Cybersecurity Attacks, Malware, Vulnerabilities & Exploits / By Frank Crast / July 13, 2021 / CISA, FBI, JBS, Kaseya, Ransomware, REvil, Travelex, VSA

Kaseya VSA has fallen victim to a sophisticated and massive ransomware attack, that some experts say has affected thousands of customers. The company also provided a patch update for on-premise customers.