Cyware Alerts - Hacker News

Never-Before-Seen Backdoors Spotted on VMware ESXi Servers

Mandiant discovered new espionage-related malware families, VIRTUALPITA and VIRTUALPIE, targeting VMware ESXi on Windows VMs and Linux vCenter servers to gain persistent administrative access. VIRTUALPITA is a passive backdoor (64-bit) that creates a listener at a hardcoded port number on a VMware E ...

Royal Ransomware Operation Uses Callback Phishing Attacks

Launched in January 2022, a ransomware operation, recently dubbed Royal, was observed attacking corporations through targeted callback phishing campaigns. In the campaign, hackers pose as software providers and food delivery services prompting subscription renewals. The group has been demanding ran ...

Attackers Attempt to Infiltrate U.S. Military Contractors Via Phishing

Securonix disclosed details about a new attack campaign aimed at multiple military contractors involved in weapon manufacturing, including an F-35 Lightning II fighter aircraft components supplier. The attack begins with a phishing email sent to employees. With mild confidence, researchers attribut ...

New Modular Campaign Delivers Cobalt Strike Beacons

A phishing campaign impersonating a government organization in the U.S. and a trade union in New Zealand attempts to deliver Cobalt Strike beacons on infected endpoints. The campaign exploits CVE-2017-0199, an RCE bug, and involves a multistage and modular infection chain with fileless, malic ...

New Agent Tesla Campaign Spreads via Quantum Builder

A recently discovered malware builder called Quantum Builder is being used to deliver the Agent Tesla RAT. The infection chain starts with a spear-phishing email that includes an LNK file laden with a GZIP archive. This campaign delivering Agent Tesla is the latest in the list of malware threats that are u ...

Hackers Use PowerPoint Files to Deliver Graphite Malware

A Cluster25 report stated that Russian GRU-linked APT28 is delivering Graphite malware to target entities in the defense and government sectors of the European Union and Eastern Europe. Cluster25 analysts state that the hackers have been planning the campaign since January or February but only ...

Erbium InfoStealer Targets Web Browsers and Crypto Wallets

The Erbium info-stealer was found being advertised on Russian-speaking hacker forums. The malware is swiftly becoming a preferred choice for hackers and it is being disseminated as game cheats on gaming forums to steal credentials and crypto wallets. Cluster25 reported Erbium infections in the U.S. ...

New SEO Poisoning Campaign Spreads GootLoader Malware

Security experts laid bare an extensive SEO poisoning attack campaign targeting employees across industries, as well as the government sector, in the search results for specific terms relevant to their work. Researchers have linked the recent campaign to a threat group, TAC-011, active for several years ...

APT41 Continues Targeting Healthcare, Pharma

A new alert by HC3 warned the healthcare sector against constant attacks by the Chinese state-sponsored threat group APT41. The group also targets pharmaceuticals and high-tech industries. It deploys multiple private and public malware to establish a foothold and custom tools to escalate privileg ...

Metador: An Active Threat that Went Undetected for Years

Telecoms, Internet Service Providers (ISPs), and universities across the Middle East and Africa have been under attack by a sophisticated threat actor, dubbed Metador. The group uses two custom Windows malware frameworks with one finding its expertise in multi-layered obfuscation and the other bei ...
