‘DarkWatchman’ RAT Shows Evolution in Fileless Malware

The new tool manipulates Windows Registry in unique ways to evade security detections and is likely being used by ransomware groups for initial network access. A novel remote access trojan…

State-sponsored Threat Actors Steal Airline Data Using the Slack API

Reports show that a recently found backdoor dubbed ‘Aclip’ that exploits the Slack API for covert communications is being used by an alleged Iranian state-sponsored cybercriminal. The malicious actor began…

Suspected Iranian hackers target airline with new backdoor

A suspected, state-sponsored Iranian threat group has attacked an airline with a never-before-seen backdoor.  On Wednesday, cybersecurity researchers from IBM Security X-Force said an Asian airline was the subject of…

Variant of Phorpiex botnet used for cryptocurrency attacks in Ethopia, Nigeria, India and more

Check Point Research has discovered new attacks targeting cryptocurrency users in Ethiopia, Nigeria, India and 93 other countries. The cybercriminals behind the attacks are using a variant of the Phorpiex…

Malicious Exchange Server Module Hoovers Up Outlook Credentials

“Owowa” stealthily lurks on IIS servers, waiting to harvest successful logins when an Outlook Web Access (OWA) authentication request is made. Researchers have uncovered a previously unknown malicious IIS module,…

Espionage Hacking Campaign Is Targeting Telecom Operators

A fresh espionage hacking effort targeting Middle Eastern and Asian telecommunications and IT service companies was recently discovered. The operation has been running for six months, and it may have…

Grindr Fined €6.5m for Selling User Data Without Explicit Consent

Grindr Fined €6.5m for Selling User Data Without Explicit Consent Dating app Grindr has been fined €6.5m (£5.5m) for selling user data to advertisers without their explicit consent. The fine…

IIS Extensible Web Server Used to Steal Microsoft Exchange Credentials

Cybercriminals are installing a new malicious add-on for the IIS web server on Microsoft Exchange Outlook Web Access (OWA) servers to collect login information and remotely perform commands on the…

Suspected espionage campaign targets telecoms, IT service firms in Middle East

Written by AJ Vicens Dec 14, 2021 | CYBERSCOOP Hackers targeted a string of telecommunication operators and IT service organizations in the Middle East and Asia over the last six…

‘Seedworm’ Attackers Target Telcos in Asia, Middle East

The focused attacks aimed at cyberespionage and lateral movement appear to hint at further ambitions by the group, including supply-chain threats. Attackers targeting telcos across the Middle East and Asia…