‘PseudoManuscrypt’ Mass Spyware Campaign Targets 35K Systems

It’s similar to Lazarus’s Manuscrypt malware, but the new spyware is splattering itself onto government organizations and ICS in a non-Lazarus-like, untargeted wave of attacks. Researchers have tracked new spyware…

Suspected Iranian hackers target airline with new backdoor

A suspected, state-sponsored Iranian threat group has attacked an airline with a never-before-seen backdoor.  On Wednesday, cybersecurity researchers from IBM Security X-Force said an Asian airline was the subject of…

Malicious Exchange Server Module Hoovers Up Outlook Credentials

“Owowa” stealthily lurks on IIS servers, waiting to harvest successful logins when an Outlook Web Access (OWA) authentication request is made. Researchers have uncovered a previously unknown malicious IIS module,…

Suspected espionage campaign targets telecoms, IT service firms in Middle East

Written by AJ Vicens Dec 14, 2021 | CYBERSCOOP Hackers targeted a string of telecommunication operators and IT service organizations in the Middle East and Asia over the last six…

StrongPity Malware Spread Using Malicious Notepad++ Installers

The Advanced Persistent Threat (APT) known as StrongPity is distributing malware-laced Notepad++ installers to infect their victims. #APT #StrongPity NotePad++ installer(npp.8.1.7.Installer.x64.exe)78556a2fc01c40f64f11c76ef26ec3ffhttp[:]//advancedtoenableplatform.com pic.twitter.com/eEXZWIObnH — blackorbird (@blackorbird) November 30, 2021 The method…

New Ceeloader Malware Used By Russian-backed Advanced Persistent Threat (APT) Organization Nobelium

Nobelium is a Russian-backed advanced persistent threat (APT) organization that achieved attention towards the end of 2020 after breaching SolarWinds’ software development supply chain to obtain access to espionage targets,…

The In-house Zoho ServiceDesk Exploit Used to Drop Webshells

You may recall that we reported a while ago that state-backed advanced persistent threat (APT) organizations had been actively exploiting a significant hole in a Zoho single sign-on and password…

Hackers are turning to this simple technique to install their malware on PCs

Nation state-backed hacking groups are exploiting a simple but effective new technique to power phishing campaigns for spreading malware and stealing information that’s of interest to their governments.  Cybersecurity researchers at Proofpoint say…

Stealthy ‘WIRTE’ Gang Targets Middle Eastern Governments

Kaspersky researchers suspect that the cyberattackers may be a subgroup of the politically motivated, Palestine-focused Gaza Cybergang. A threat actor tracked as WIRTE has been assaulting Middle East governments since…

ScarCruft APT Mounts Desktop/Mobile Double-Pronged Spy Attacks

The North Korea-linked group is deploying the Chinotto spyware backdoor against dissidents, journalists and other politically relevant individuals in South Korea. The North Korea-linked ScarCruft advanced persistent threat (APT) group…