TeamTNT targeting AWS, Alibaba

Written by Darin Smith. Summary: TeamTNT modified their scripts after they were made public by security researchers. TeamTNT scripts primarily target AWS, but can also run in on-premise, container, or…

Malware distribution in public repositories highlighted by malicious npm packages stealing Discord tokens


Malicious npm Code Packages Built for Hijacking Discord Servers

The lurking code-bombs lift Discord tokens from users of any applications that pulled the packages into their code bases. A series of malicious packages in the Node.js package manager (npm)…

BlackBerry report highlights initial access broker providing entry to StrongPity APT, MountLocker and Phobos ransomware gangs

A new report from BlackBerry has uncovered an initial access broker called “Zebra2104” that has connections to three malicious cybercriminal groups, some of which are involved in ransomware and phishing. …

New malware lures fake Chrome update to attack Windows PCs

The prime target of this malware campaign is unsuspecting users on Windows 10. Rapid7 Managed Detection and Response team has shared details of their newly identified malware campaign, urging unsuspecting…

FormBook Adds Latest Office 365 0-Day Vulnerability (CVE-2021-40444) to Its Arsenal

Trend Micro detected a new campaign using a recent version…

New version of Jupyter infostealer delivered through MSI installer

By Deeba Ahmed. Originally, Jupyter infostealer is known for stealing data from popular browsers like Chrome and Firefox. Here’s what the new version of it does. This is a post…

New Jupyter Evasive Delivery through MSI Installer

Introduction: In 2020, Morphisec introduced the Jupyter infostealer, a .NET attack that primarily targets Chromium, Firefox, and Chrome browser data while also maintaining the additional capabilities of a backdoor.