Cyware Alerts - Hacker News
Never-Before-Seen Backdoors Spotted on VMware ESXi Servers
/https://cyware-ent.s3.amazonaws.com/image_bank/c3c9_shutterstock_691589746.jpg "Never-Before-Seen Backdoors Spotted on VMware ESXi Servers - Cybersecurity news")
Mandiant discovered new espionage-related malware families—VIRTUALPITA and VIRTUALPIE—targeting VMware ESXi on Windows VMs and Linux vCenter servers— to gain persistent administrative access. VirtualPita is a passive backdoor (64-bit) that creates a listener at a hardcoded port number on a VMware E ... Read More
News Royal Ransomware Operation Uses Callback Phishing Attacks
/https://cyware-ent.s3.amazonaws.com/image_bank/8c35_shutterstock_639898315.jpg "News Royal Ransomware Operation Uses Callback Phishing Attacks - Cybersecurity news")
Launched in January 2022, a ransomware operation, recently dubbed Royal, was observed attacking corporations through targeted callback phishing campaigns. In the campaign, hackers pose as software providers and food delivery services prompting subscription renewals. The group has been demanding ran ... Read More
Attackers Attempt to Infiltrate U.S. Military Contractors Via Phishing
/https://cyware-ent.s3.amazonaws.com/image_bank/176d_shutterstock_1179329605.jpg "Attackers Attempt to Infiltrate U.S. Military Contractors Via Phishing - Cybersecurity news")
Securonix disclosed details about a new attack campaign aimed at multiple military contractors involved in weapon manufacturing, including an F-35 Lightning II fighter aircraft components supplier. The attack begins with a phishing email sent to employees. With mild confidence, researchers attribut ... Read More
New Modular Campaign Delivers Cobalt Strike Beacons
/https://cyware-ent.s3.amazonaws.com/image_bank/6e0b_shutterstock_418940485.jpg "New Modular Campaign Delivers Cobalt Strike Beacons - Cybersecurity news")
A phishing campaign impersonating a government organization in the U.S. and a trade union in New Zealand attempts to deliver Cobalt Strike beacons on infected endpoints. The campaign exploits CVE-2017-0199, an RCE bug, that involves a multistage and modular infection chain with fileless, malic ... Read More
New Agent Tesla Campaign Spreads via Quantum Builder
/https://cyware-ent.s3.amazonaws.com/image_bank/shutterstock_397754680.jpg "New Agent Tesla Campaign Spreads via Quantum Builder - Cybersecurity news")
A recently discovered malware builder called Quantum Builder is being used to deliver the Agent Tesla RAT. The infection chain starts with a spear-phishing email, including LNK File laden with GZIP Archive. This campaign delivering Agent Tesla is the latest in the list of malware threats that are u ... Read More
Hackers Use PowerPoint Files to Deliver Graphite Malware
/https://cyware-ent.s3.amazonaws.com/image_bank/9ae7_shutterstock_1329983519.jpg "Hackers Use PowerPoint Files to Deliver Graphite Malware - Cybersecurity news")
A Cluster25 report stated that Russian GRU-linked APT28 is delivering Graphite malware to target entities in the defense and government sectors of the European Union and Eastern Europe. Cluster25 analysts state that the hackers have been planning the campaign since January or February but only ... Read More
Erbium InfoStealer Targets Web Browsers and Crypto Wallets
/https://cyware-ent.s3.amazonaws.com/image_bank/9c54_shutterstock_285665918.jpg "Erbium InfoStealer Targets Web Browsers and Crypto Wallets - Cybersecurity news")
The Erbium info-stealer was found being advertised on Russian-speaking hacker forums. The malware is swiftly becoming a preferred choice for hackers and it is being disseminated as game cheats on gaming forums to steal credentials and crypto wallets. Cluster25 reported Erbium infections in the U.S. ... Read More
New SEO Poisoning Campaign Spreads GootLoader Malware
/https://cyware-ent.s3.amazonaws.com/image_bank/2baf_shutterstock_1881482197.jpg "New SEO Poisoning Campaign Spreads GootLoader Malware - Cybersecurity news")
Security experts laid bare an extensive SEO poisoning attack campaign targeting employees across industries as well the government sector for the search results of specific terms relevant to their work. Researchers have linked the recent campaign to a threat group, TAC-011, active for several years ... Read More
APT41 Continues Targeting Healthcare, Pharma
/https://cyware-ent.s3.amazonaws.com/image_bank/a612_shutterstock_1261948831.jpg "APT41 Continues Targeting Healthcare, Pharma - Cybersecurity news")
A new alert by HC3 warned the healthcare sector against constant attacks by Chinese state-sponsored threat group, APT41. The group also targets pharmaceuticals and high-tech industries. It deploys multiple private and public malware to establish a foothold and custom tools to escalate privileg ... Read More
Metador: An Active Threat that Went Undetected for Years
/https://cyware-ent.s3.amazonaws.com/image_bank/71ec_shutterstock_717242740.jpg "Metador: An Active Threat that Went Undetected for Years - Cybersecurity news")
Telecoms, Internet Services Providers (ISPs), and universities across the Middle East and Africa have been under attack by a sophisticated threat actor, dubbed Metador. The group uses two custom Windows malware frameworks with one finding its expertise in multi-layered obfuscation and the other bei ... Read More
Defend Against Threats with Cyber Fusion
Cyware is the leading provider of cyber fusion solutions that power threat intelligence sharing , end-to-end automation and 360-degree threat response.
Learn More
Trending Tags
