Security
Headlines
HeadlinesLatestCVEs

Tag

#backdoor

Battling a new DarkGate malware campaign with Malwarebytes MDR

Categories: Business On September 13th, 2023, the Malwarebytes MDR team spotted a new DarkGate malware campaign on a client network. (Read more...) The post Battling a new DarkGate malware campaign with Malwarebytes MDR appeared first on Malwarebytes Labs.

Malwarebytes
Open in Source
#mac#windows#microsoft#git#intel#backdoor#pdf
Cisco Zero-Day Exploited to Implant Malicious Lua Backdoor on Thousands of Devices

Cisco has warned of a new zero-day flaw in IOS XE that has been actively exploited by an unknown threat actor to deploy a malicious Lua-based implant on susceptible devices. Tracked as CVE-2023-20273 (CVSS score: 7.2), the issue relates to a privilege escalation flaw in the web UI feature and is said to have been used alongside CVE-2023-20198 as part of an exploit chain. "The attacker first

Ducktail Infostealer, DarkGate RAT Linked to Same Threat Actors

Vietnamese cybercrime groups are using multiple different MaaS infostealers and RATs to target the digital marketing sector.

Vietnamese Hackers Target U.K., U.S., and India with DarkGate Malware

Attacks leveraging the DarkGate commodity malware targeting entities in the U.K., the U.S., and India have been linked to Vietnamese actors associated with the use of the infamous Ducktail stealer. "The overlap of tools and campaigns is very likely due to the effects of a cybercrime marketplace," WithSecure said in a report published today. "Threat actors are able to acquire and use multiple

ExelaStealer: A New Low-Cost Cybercrime Weapon Emerges

A new information stealer named ExelaStealer has become the latest entrant to an already crowded landscape filled with various off-the-shelf malware designed to capture sensitive data from compromised Windows systems. "ExelaStealer is a largely open-source infostealer with paid customizations available from the threat actor," Fortinet FortiGuard Labs researcher James Slaughter said in a

North Korean State Actors Attack Critical Bug in TeamCity Server

Known threat groups Diamond Sleet and Onyx Sleet focus on cyber espionage, data theft, network sabotage, and other malicious actions, Microsoft says.

Cisco Web UI Vulnerability Exploited Massly, Impacting Over 40K Devices

By Deeba Ahmed It is unclear how long Cisco will take to release a patch. This is a post from HackRead.com Read the original post: Cisco Web UI Vulnerability Exploited Massly, Impacting Over 40K Devices

Patch Now: APTs Continue to Pummel WinRAR Bug

State-sponsored cyber espionage actors from Russia and China continue to target WinRAR users with various info-stealing and backdoor malware, as a patching lag plagues the software's footprint.

Iran-Linked 'MuddyWater' Spies on Mideast Gov't for 8 Months

The state-sponsored threat actors (aka APT34, Crambus, Helix Kitten, or OilRig) spent months seemingly taking whatever government data they wished, using never-before-seen tools.

Sophisticated MATA Framework Strikes Eastern European Oil and Gas Companies

An updated version of a sophisticated backdoor framework called MATA has been used in attacks aimed at over a dozen Eastern European companies in the oil and gas sector and defense industry as part of a cyber espionage operation that took place between August 2022 and May 2023. "The actors behind the attack used spear-phishing mails to target several victims, some were infected with Windows