Cyware Alerts - Hacker News

DarkGate Campaign Leverages Windows SmartScreen Bypass Flaw

The DarkGate malware operation launched a new wave of attacks exploiting a recently patched Windows Defender SmartScreen vulnerability (CVE-2024-21412). Trend Micro analysts have reported that DarkGate operators are leveraging this vulnerability to enhance their malware distribution efforts, target ...

Magnet Goblin Exploits 1-Day Bugs, Deploys Nerbian RAT

The threat actor group Magnet Goblin is rapidly exploiting newly disclosed vulnerabilities to target public-facing servers and edge devices, warned Check Point. This particular instance was an Ivanti Connect Secure exploitation campaign that resulted in the deployment of a Linux version of a ma ...

Kimsuky Exploits ScreenConnect Bugs, Drops ToddlerShark

The North Korea-based Kimsuky APT is abusing ScreenConnect bugs, CVE-2024-1708 and CVE-2024-1709, to propagate a new malware called ToddlerShark. ToddlerShark uses polymorphic traits, legitimate Microsoft binaries, and registry modifications to establish persistence and gather sensitive information ...

UAC-0184 Targets Ukrainian Entity in Finland with Remcos RAT

Morphisec found that the UAC-0184 threat actor used steganography to deliver the Remcos RAT via the IDAT Loader, targeting a Ukrainian entity in Finland. The incident comes a few weeks after ASEC discovered that Remcos RAT is being distributed disguised as adult games through webhards. Re ...

Linux Malware ‘Migo’ Targets Redis for Cryptojacking Attacks

Researchers spotted a new Migo malware targeting Redis servers to mine cryptocurrency and utilizing system-weakening commands to disable security features. Migo is distributed as a Golang ELF binary, with compile-time obfuscation and the ability to persist on Linux hosts. Organizations are expected ...

Charming Kitten Uses BASICSTAR Against Middle East Policy Experts

Iranian-origin threat group Charming Kitten has launched an espionage campaign targeting Middle East policy experts using malware such as BASICSTAR and KORKULOADER, capable of executing remote commands and displaying decoy PDF files. Some phishing attacks dropped customized backdoors, POWERLESS for ...

Newly Discovered RustDoor Malware Impersonates Visual Studio Update

A new macOS malware dubbed RustDoor, written in Rust, is being distributed disguised as a Visual Studio update. The malware provides backdoor access to compromised systems and is linked to infrastructure associated with the BlackCat ransomware gang. Researchers have shared a list of known IOCs ...

Unpacking North Korea's Gambling Web Service

South Korea's National Intelligence Service reported that North Korea's Office 39 is selling pre-infected gambling websites to South Korean cybercrime groups. The scheme, believed to have generated billions, offers websites at $5,000/month with optional tech support for $3,000/month. The sites stea ...

Bumblebee Resurfaces in a New Campaign

Bumblebee returned after a four-month hiatus, employing social engineering tactics, sending emails with OneDrive URLs posing as voicemail notifications. The campaign stands out due to its utilization of VBA macro-enabled documents as most threat actors have nearly stopped using them after Micr ...

Raspberry Robin Worm Rides on New One-Day Flaws to Launch Stealthy Attacks

Check Point Research revealed a concerning trend in the tactics of the notorious malware, Raspberry Robin, indicating a transition towards purchasing exploits for swifter cyber assaults. Previously, the malware operators integrated exploits for year-old vulnerabilities but now prioritize exploits l ...
