‘PseudoManuscrypt’ Mass Spyware Campaign Targets 35K Systems

It’s similar to Lazarus’s Manuscrypt malware, but the new spyware is splattering itself onto government organizations and ICS in a non-Lazarus-like, untargeted wave of attacks. Researchers have tracked new spyware…

‘Seedworm’ Attackers Target Telcos in Asia, Middle East

The focused attacks aimed at cyberespionage and lateral movement appear to hint at further ambitions by the group, including supply-chain threats. Attackers targeting telcos across the Middle East and Asia…

SolarWinds Attackers Spotted Using New Tactics, Malware

One year after the disruptive supply-chain attacks, researchers have observed two new clusters of activity from the Russia-based actors that signal a significant threat may be brewing. One year after…

Meet Lyceum: Iranian hackers targeting telecoms, ISPs

Researchers have provided a deep dive into the activities of Lyceum, an Iranian threat group focused on infiltrating the networks of telecoms companies and internet service providers (ISPs).  Lyceum, also…

Zoho Password Manager Flaw Torched by Godzilla Webshell

A new campaign is prying apart a known security vulnerability in the Zoho ManageEngine ADSelfService Plus password manager, researchers warned over the weekend. The threat actors have managed to exploit…

Lazarus Attackers Turn to the IT Supply Chain

Kaspersky researchers saw The North Korean state APT use a new variant of the BlindingCan RAT to breach a Latvian IT vendor and then a South Korean think tank. Lazarus…

Podcast: Could the Zoho Flaw Trigger SolarWinds 2.0?

Companies are worried that the highly privileged password app could let attackers deep inside an enterprise’s footprint, says Redscan’s George Glass. A month ago, the FBI, CISA and the U.S.…

New cyber-attack model helps hackers time the next Stuxnet

Padlokr –  Padlokr –  Disabling a country’s electricity with the click of a button. usairforce Akshat Rathi, The Conversation Of the many tricks used by the world’s greatest military strategists,…

Cyber spies for hire: efforts to control cyber weapons ignore the agents who use them

Padlokr –  Padlokr –  Maksim Shmeljov/Shutterstock Alexi Drew, King’s College London Reports of malicious and targeted cyber attacks are becoming increasingly common around the world. In early February, for example,…

ShellClient Malware Used against Aerospace and Telco Firms

ShellClient is a previously undocumented remote access trojan (RAT) built with extra attention to its stealth capabilities on any system it infects. Apparently, the malware was created in order to…