Security
Headlines
HeadlinesLatestCVEs

Tag

#backdoor

New Backdoor Created Using Leaked CIA's Hive Malware Discovered in the Wild

Unidentified threat actors have deployed a new backdoor that borrows its features from the U.S. Central Intelligence Agency (CIA)'s Hive multi-platform malware suite, the source code of which was released by WikiLeaks in November 2017. "This is the first time we caught a variant of the CIA Hive attack kit in the wild, and we named it xdr33 based on its embedded Bot-side certificate CN=xdr33,"

The Hacker News
Open in Source
#vulnerability#intel#backdoor#ssl#The Hacker News
Timely patching is good, but sometimes it's not enough

Categories: News Categories: Ransomware Tags: Lorenz Tags: ransomware Tags: CVE-2022-29499 Tags: Mitel Tags: backdoor Tags: web shell A recent case-study showed once again that timely patching is important, but it's not a silver bullet for stopping ransomware. (Read more...) The post Timely patching is good, but sometimes it's not enough appeared first on Malwarebytes Labs.

Threat Round up for January 6 to January 13

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Jan. 6 and Jan. 13. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key

Credential Stealing Flaw in Google Chrome Impacted 2.5 Billion Users

By Deeba Ahmed The vulnerability affected all Chromium-based browsers, including Opera and Edge. This is a post from HackRead.com Read the original post: Credential Stealing Flaw in Google Chrome Impacted 2.5 Billion Users

Big Prizes, Cash on Offer for Joining 'DDosia' Anti-Ukraine Cyberattack Project

Russia's NoName057(16) group offers incentives and prizes via Telegram channel for "heroes" to mount attacks against targets within Ukraine and pro-Ukrainian countries.

IcedID Malware Strikes Again: Active Directory Domain Compromised in Under 24 Hours

A recent IcedID malware attack enabled the threat actor to compromise the Active Directory domain of an unnamed target less than 24 hours after gaining initial access. "Throughout the attack, the attacker followed a routine of recon commands, credential theft, lateral movement by abusing Windows protocols, and executing Cobalt Strike on the newly compromised host," Cybereason researchers said in

New Analysis Reveals Raspberry Robin Can be Repurposed by Other Threat Actors

A new analysis of Raspberry Robin's attack infrastructure has revealed that it's possible for other threat actors to repurpose the infections for their own malicious activities, making it an even more potent threat. Raspberry Robin (aka QNAP worm), attributed to a threat actor dubbed DEV-0856, is malware that has increasingly come under the radar for being used in attacks aimed at finance,