
New ESXi persistence technique

Updated on 2022-09-30

Mandiant discovered new espionage-related malware families—VIRTUALPITA and VIRTUALPIE—targeting VMware ESXi, Windows virtual machines, and Linux vCenter servers to gain persistent administrative access.

Read more: Bad VIB(E)s Part One: Investigating Novel Malware Persistence Within ESXi Hypervisors

Overview

Mandiant discovered a new persistence technique used against VMware ESXi systems where threat actors gained access …


ZINC APT

Updated on 2022-09-30

ZINC, a North Korean government hacking group and an affiliate of Lazarus, has been found weaponizing several open source software packages, including KiTTY, PuTTY, TightVNC, muPDF/Subliminal Recording, and Sumatra PDF Reader, with custom malware capable of espionage, financial gain, data theft, and network destruction.

Read more: North Korean Gov Hackers Caught Rigging Legit …


Chaos Cross-Platform Malware Botnet

Updated on 2022-09-30

Researchers from Lumen’s Black Lotus Labs “recently uncovered a multifunctional Go-based malware that was developed for both Windows and Linux.” Dubbed Chaos, the malware uses infected devices for cryptomining and launching distributed denial-of-service (DDoS) attacks.

Note: While Chaos appears to have roots in the Kaiji malware, it is considerably more advanced. This …


Raspberry Robin activity surge

Update on 2022-09-26: Raspberry Robin activity surge

Security firm Red Canary reported a surge in activity from the Raspberry Robin malware, which saw it jump from the #8 spot to #2 in the company’s most recent monthly malware ranking.

Update on 2022-08-05: Raspberry Robin

Microsoft said on Friday that they’d seen instances where the new …


RedLine infects Video Game publisher

2K, an American video game publisher, disclosed that it suffered a data breach after an unauthorized third party hacked its help desk platform and targeted customers with fake support tickets delivering malware.

"Hey folks, please read an important message from our Customer Support team. Thank you. pic.twitter.com/yKI18eL7mY" — 2K Support (@2KSupport), September 20, 2022
