Malware

Another Bitcoin Mining Malware Targets QNAP NAS Devices

Network-attached storage (NAS) appliance maker QNAP has released a new advisory warning of cryptocurrency mining malware targeting its devices. This is a bitcoin miner which targets QNAP NAS. “Once a NAS is infected, CPU usage becomes unusually high where a process named ‘[oom_reaper]’ could occupy around 50% of the total CPU usage,” the Taiwanese […]

Researchers Discover Payment Data Stealing Malware Hiding in Nginx Process

A new form of malware is hitting e-commerce platforms in the U.S., Germany and France. The malware is said to be targeting Nginx servers in an attempt to mask its presence and slip past detection by security solutions. The Sansec Threat Research team stated in a recent report that “this novel code injects itself into a

Researchers Detail Novel Malicious Frameworks Attacking Air-Gapped Networks

Four different malicious frameworks have been discovered attacking air-gapped networks, bringing the total number of such toolkits to 17 and offering adversaries a pathway to conduct cyber espionage and exfiltrate classified information. Researchers have stated that the frameworks were designed to perform some form of espionage and they all used USB drives as

Trojan Source: A New Technique Allowing Hackers Hide Vulnerabilities in Source Code

Dubbed “Trojan Source attacks,” the technique “exploits subtleties in text-encoding standards such as Unicode to produce source code whose tokens are logically encoded in a different order from the one in which they are displayed,” which eventually leads to a vulnerability that cannot be perceived by direct human code review. The vulnerability affects

FlawedGrace New Variant Is Spreading Through Mass Email Campaigns

Cybersecurity researchers on Tuesday discovered a mass-volume email attack campaign notably targeting Germany and Australia. The campaign has been tied to TA505, the name assigned to the financially motivated threat group that has been active in the cybercrime business since at least 2014 and is behind the infamous Dridex banking trojan as

The Operators Of TrickBot Now Expanding Malware Distribution Channel

The operators of the TrickBot malware have resurfaced with new tricks, seeking to increase their foothold by expanding its distribution channels, ultimately leading to the deployment of ransomware such as Conti. The threat actor, tracked as Wizard Spider, has been discovered to be in partnership with other cybercrime gangs such as Hive0105, Hive0106 and Hive0107

Demodex: The New Rootkit Used by Chinese Hackers to Spy on Targeted Windows 10 Users

An operation aimed at South East Asian targets back in July 2020 to deploy a kernel-mode rootkit on compromised Windows systems has been linked to a Chinese-speaking threat actor. The hacking group, nicknamed GhostEmperor by Kaspersky, has been known to use a “sophisticated multi-stage malware framework” that allows persistent remote control over the targeted hosts.

Sidewalk Malware Attacks Linked to Grayfly Chinese Hacker Group

A previously undocumented backdoor that was recently found targeting an unnamed computer retail company based in the U.S. has been linked to a longstanding Chinese espionage operation dubbed Grayfly. In late August, Slovakian cybersecurity firm ESET disclosed details of an implant called SideWalk, which is designed to load arbitrary plugins sent from an attacker-controlled server,

Hackers Take To Distribution of Jupyter Malware Version via MSI Installer

Cybersecurity researchers have reported on the evolution of Jupyter, a .NET infostealer. The malware is known for going after the healthcare and education sectors, and is exceptional at defeating most endpoint security scanning solutions. Morphisec underscores that the malware has not just continued to remain active but also showcases “how threat actors continue to develop their

Hackers Behind SolarWinds Cyberattack Linked to New Tomiris Backdoor Found

Cybersecurity researchers on Wednesday disclosed a previously undocumented backdoor likely designed and developed by the Nobelium advanced persistent threat (APT) behind last year’s SolarWinds supply chain attack, joining the threat actor’s ever-expanding arsenal of hacking tools.
