FBI: Cuba ransomware group hit 49 critical infrastructure organizations

The FBI has released a new notice about the Cuba ransomware, explaining that the group has attacked “49 entities in five critical infrastructure sectors” and made at least $43.9 million…

Compromise assessment or threat hunting? What do organizations need?

Organizations worldwide are undergoing rapid digitization to keep up with the fast-paced world we live in today. While it is a good initiative, cloud computing and remote work setup have…

Vulnerabilities Exploited for Monero Mining Malware Delivered via GitHub, Netlify

Trend Micro – Trend Micro – Vulnerabilities Exploited for Monero Mining Malware Delivered via GitHub, Netlify We looked into exploitation attempts we observed in the wild and the abuse of…

80K Retail WooCommerce Sites Exposed by Plugin XSS Bug

The Variation Swatches plugin security flaw lets attackers with low-level permissions tweak important settings on e-commerce sites to inject malicious scripts. The plugin “Variation Swatches for WooCommerce,” installed across 80,000…

Stealthy ‘WIRTE’ Gang Targets Middle Eastern Governments

Kaspersky researchers suspect that the cyberattackers may be a subgroup of the politically motivated, Palestine-focused Gaza Cybergang. A threat actor tracked as WIRTE has been assaulting Middle East governments since…

XSS Vulnerability Patched in Plugin Designed to Enhance WooCommerce

WordFence –  WordFence –  Note: To receive disclosures like this in your inbox the moment they’re published, you can subscribe to our WordPress Security Mailing List. On November 11, 2021…

Toss a Coin to your Helper (Part 2 of 2)

Avast –  Avast –  In the first posting of this series, we looked at a clipboard stealer belonging to the MyKings botnet. In this second part of the blog series,…

ScarCruft APT Mounts Desktop/Mobile Double-Pronged Spy Attacks

The North Korea-linked group is deploying the Chinotto spyware backdoor against dissidents, journalists and other politically relevant individuals in South Korea. The North Korea-linked ScarCruft advanced persistent threat (APT) group…

CronRAT, the New Linux RAT that Keeps a Low Profile

Experts have identified a new Linux RAT (Remote Access Trojan) that was dubbed CronRAT. It stands out through its hiding place, as it can be found in different tasks which…

JavaScript Loader RATDispenser Infects Windows PCs with RATs

RATDispenser, a novel secretive JavaScript loader, is being employed in phishing campaigns to infect devices with a range of Remote Access Trojans (RATs). The new loader quickly formed distribution agreements…