Malware


Carderbee Hackers Abuse Microsoft Signing Keys in Supply Chain Attacks

Security researchers have exposed a new supply chain attack that targeted entities across Asia, with a particular focus on Hong Kong. An unidentified hacking group, named Carderbee, employed an ingenious tactic — exploiting legitimate software — to infect around 100 computers with the PlugX/Korplug backdoor. According to the Symantec Threat Hunter Team, the hackers hijacked...

LATEST

Cloud Computing and Security

Microsoft Defender for Storage to Add Malware Scanning Support in September

Microsoft has announced that the malware scanning capability will become generally available on September 1. The new agentless SaaS solution will be available as an add-on for Microsoft Defender for Storage customers and will cost $0.15 (USD)/GB of data scanned. Microsoft Defender for Storage is a security solution that identifies unusual attempts to access or…

Security

Researchers Warn About New Shikitega Malware Targeting Linux Endpoints and IoT Devices

Security researchers have unveiled a new malware that is infecting Linux endpoints and Internet-of-things (IoT) devices. The malware allows attackers to gain persistent access to the compromised system and deploy crypto-mining software. The stealthy malware dubbed “Shikitega” was first discovered by cybersecurity researchers at AT&T Alien Labs. The malware is delivered in a multi-stage infection…

Office 365

Microsoft’s Move to Block Office Macros Leads Hackers to Find New Attack Vectors

Last week, Microsoft started rolling out an update to block all Office VBA macros obtained from the internet by default to prevent phishing attacks. Now, the threat actors are using container files and other tactics to distribute malicious payloads. A macro is an automated input sequence that enables users to automate frequently used tasks in…

Security

Microsoft Exchange Servers Hit By Stealthy IIS Backdoors

Microsoft has published a security advisory about a new wave of malware attacks that target Exchange Servers. The company has warned IT admins that threat actors are increasingly using malicious Internet Information Services (IIS) modules to install backdoors and steal credentials. For those unfamiliar, Internet Information Services (IIS) is a web server that lets developers…

Security

Microsoft Detects Raspberry Robin Windows Worm in Hundreds of Enterprise Networks

Microsoft has warned customers about a new high-risk worm called “Raspberry Robin” that is infecting Windows PCs. The software giant has privately informed some Microsoft Defender for Endpoint users that the malware has been discovered in hundreds of enterprise networks across various industries (via Bleeping Computer). The Red Canary cybersecurity researchers first discovered Raspberry Robin…

Security

Kaspersky Discloses New ‘SessionManager’ Backdoor Targeting Microsoft Exchange Servers

Security vendor Kaspersky has warned about a new malware that allows attackers to backdoor Microsoft Exchange servers. Dubbed SessionManager, the malicious tool has been used for the past 15 months to target NGOs, government agencies, military as well as industrial organizations across Europe, South America, Asia, and Africa. As reported by the Kaspersky researchers, the…

Security

Researchers Discover New Symbiote Linux Malware Targeting Financial Institutions

Security researchers have discovered a new Linux malware dubbed Symbiote that uses sophisticated techniques to hide its presence on compromised systems. The malware appears to be targeting financial institutions in Latin America, including Brazil. Specifically, cyber security researchers from Intezer and The BlackBerry Threat Research & Intelligence Team first detected Symbiote in November 2021. The…

Security

Qbot Malware Operators Exploit Windows MSDT Zero-Day Flaw to Infect PCs

Cybersecurity researchers have found that attackers are exploiting the recently discovered Windows zero-day flaw dubbed “Follina” to infect victims’ computers with Qbot malware. Qbot operators have also teamed up with the Black Basta group to spread ransomware. Qbot, also known as QuakBot, QakBot, and Pinkslipbot, was first identified in 2008 as a trojan capable of…

Security

Microsoft Detects 254% Spike in XorDDoS Attacks on Linux Servers

Microsoft has published an advisory about a distributed denial-of-service (DDoS) malware called XorDdos that is targeting Linux endpoints and servers. The company has warned that its security researchers have detected a 254 percent surge in the malware’s activity during the last six months. The security research group MalwareMustDie first discovered the XorDDoS malware back in…
