
The hackers behind the recent ransomware attacks against VMware ESXi hypervisor have reportedly modified the malware in a way that makes it more difficult for victims to use available decryption tools. A modified encryption routine encrypts a significantly larger amount of data. Note Of course they improve. On the other hand, all exposed vulnerable systems …

Read More about ESXi Attackers Raise the Stakes

In a blog post, researchers from Aqua Nautilus detail their findings about malware called HeadCrab that has infected more than 1,200 Redis database servers in the past year-and-a-half. The threat actor has been using their access to the servers to mine virtual currency. Note Optimized databases like Redis are sometimes “protected” by the limited functionality …

Read More about HeadCrab Malware Has Infected More than 1,200 Redis Servers

Starting in March, Microsoft will block XLL files coming from the Internet in Office Excel. In its Microsoft 365 roadmap, Microsoft writes that it is making this change “to combat the increasing number of malware attacks in recent months.” Note Nice to see Microsoft continuing its quest to block common malware delivery methods. XLL files …

Read More about Microsoft Will Block Excel XLL Add-ins from the Internet

Researchers from HUMAN have taken down a sizeable ad fraud scheme that spoofed more than 1,700 apps and managed to generate 12 billion ad requests a day. By injecting JavaScript into the ads, the scammers were able to layer multiple ads, registering views for ads that users did not see. HUMAN dubbed the malicious campaign …

Read More about HUMAN Security Takes Down Vastflux Ad Fraud Operation

Updated on 2023-01-05: New WordPress backdoor Dr.Web researchers have found a new exploit tool designed to attack WordPress sites, infect them with a backdoor, and then inject malicious scripts in their codebase. The malware targets vulnerabilities in more than 30 WordPress themes and plugins and exclusively targets Linux-based servers. Read more: Linux backdoor malware infects …

Read More about Linux Malware Exploits Backdoor Flaws in Multiple WordPress Plug-ins

Updated on 2022-12-29 A new MasquerAds technique is being widely used by threat actors to abuse the Google Ads platform in an attempt to deliver a variety of malware to victims’ systems. Read more: “MasquerAds” — Google’s Ad-Words Massively Abused by Threat Actors, Targeting Organizations, GPUs and Crypto Wallets Overview: MasquerAds On the same note, …

Read More about MasquerAds abuse Google Ads

Updated on 2022-12-22: FateGrab/StealDeal malware CERT-UA has a report out on a recent spear-phishing campaign that used a compromised Ministry of Defense account to target users of Delta, a platform used by Ukraine’s military forces for coordinating attacks. Read more: Cyberattack on users of the DELTA system using the RomCom/FateGrab/StealDeal malware (CERT-UA#5709) Overview Ukraine’s DELTA military …

Read More about FateGrab/StealDeal malware

Updated on 2022-12-29 Sekoia has a technical breakdown of RisePro, a new infostealer trojan spotted being advertised in underground cybercrime forums by Flashpoint. Per Sekoia, RisePro is currently being deployed as a second-stage payload on systems infected with the PrivateLoader malware. Read more: New RisePro Stealer distributed by the prominent PrivateLoader “RisePro” Stealer and Pay-Per-Install …

Read More about RisePro Stealer

Updated on 2022-12-26 GuLoader has been updated with new anti-evasion techniques to dodge traditional security solutions. The new version is also hostile to systems running virtual machines. Read more: Malware Analysis: GuLoader Dissection Reveals New Anti-Analysis Techniques and Code Injection Redundancy Updated on 2022-12-21 OALABS has released IOCs for the Guloader malware. Get them while …

Read More about Guloader malware updated with new anti-evasion techniques

Updated on 2022-12-16 Zimperium found bad actors abusing Flutter, an open-source UI software development kit, to deliver loan scam apps with severe privacy and security risks, in a campaign dubbed MoneyMonger. Updated on 2022-12-15 Zimperium has a report on MoneyMonger, a threat actor that develops and offers money-lending apps but also steals personal information from …

Read More about MoneyMonger malware use Flutter to deliver loan scam apps

Updated on 2022-12-13 Check Point has a technical breakdown of Azov, a data wiper that was deployed in the wild in September and November. The malware was delivered on systems previously infected with the SmokeLoader malware, tried to frame known security researchers as its authors, and according to Check Point, was “an egregious false flag …

Read More about Azov wiper malware

Updated on 2022-12-13 Trend Micro also has a report on a new Go-based malware strain named CHAOS RAT, used in recent crypto-mining attacks against Linux servers. The malware appears to have been open-sourced on GitHub. Overview Trend Micro researchers spotted a cryptocurrency mining campaign against Linux machines using the open-source Chaos RAT to deploy Monero …

Read More about CHAOS RAT Malware